Reputation: 11
Session lost after redirect page
To describe the app, it has an default page where it will be checking user role from request header then assign the user id into session and redirect to corresponding pages. In every other pages, it will check whether the session has value or not, if no then will redirect the default page.
This has been tested in my dev environment and its working without any issue. However, when I hosted it in IIS (AWS EC2 environment). It started behaving very weird. If the application's bindings is stick to default. I can browse it in the server using http://localhost:26943/ with no issue.
However, when i change the bindings to hostname and browse using http://testing.com/, I found that the session containing user ID is empty.
I have tried several methods including :
- Add Session["init"] = 0 in Global.asax
- Change cookieless=true in web.config
- Change sessionState's mode to "StateServer"
- Redirect to "~/page.aspx" instead of "page.aspx"
Only change cookieless method worked for me but it will show session ID in the URL which I doubt is the correct method.
Details of app:
- .NetFramework 4.8
- Uses WCF service
- Current session state info is sessionState mode="InProc" cookieless="false" timeout="60"
- Configured c:\Windows\System32\Drivers\etc\hosts to add 127.0.0.1 testing.com
- Tested using IE 11
Upvotes: 1
Views: 5897
Answers (2)
Reputation: 49039
Since AWS is on a server farm? Then in-proc sessions are going to be VERY flakey and problematic. Those massive cloud systems will spool out your web server multiple times - a WILD guess as to where the next page will come from. If pages are served across different instances of the IIS server?
You going to lose session values. As noted, even some un-handled code errors will cause a app-pool re-set. All of these issues add up to easy and frequent loss of sessions.
I would suggest you adopt SQL server based session management. This should eliminate a zillion issues that can cause a session() re-set. I like in- proc. Memory based is fast, and since your not writing the next Facebook, then of course typical server loads are next to nothing (again, this favors use of in-proc sessions). However, since you a have server farm, and some application errors will become problematic? Adopt SQL server based sessions, and 99 if not 100% of your session() re-sets and loss will go away.
this suggestion is MUCH more warranted since you using AWS and you have little control over the VM's they run and their behind the scenes "fabric" controller could for fail safe and redundancy issues be running multiple copies of your server. So, adopt SQL based session management.
Upvotes: 0
Related Questions
- Session becomes null while redirect from another page
- Session variable not maintained on Response.Redirect
- ASP.NET session lost after redirect but only with IE
- Session variable value changes during page redirect. - Response.Redirect
- ASP.NET problem with session / redirect to page
- response.redirect issue in ASP.Net
- IIS ASP.NET Session is lost
- Reset Session on redirect to another page
- asp.net: session clear on response.redirect?
- Losing session variables after redirecting from the page