473,396 Members | 1,891 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Session State across ASP.NET apps

Ok, I know that .net inherently does not share session data across asp.net
projects, but is there any decent work around to this.
We already have a big chunk of our application using the asp.net session
object (using state service). I'd like to start breaking out
our functionality into component projects, but I'd like to get this session
issue worked out first.

Any ideas??

I found this article , but it sounds like kind of a pain.

http://www.asp101.com/articles/jayra...te/default.asp

Nov 18 '05 #1
3 3420
Set the encrypt and decrypt key to the same value in each web. Then, set the
authentication cookie name (forms auth) to the same name. This will
authenticate the user once for any number of servers. NOTE: If you farm, you
will have to use the same Session Server for all machine (I have not
personally tested this, however).

For session variables, I have yet to have found a solution. Currently, we
persist session vars in a SQL Server database with a timestamp (cleared out
12 hours later). You can then grab the vars in the other app.

I have a theory that placing the applications in the same pool in IIS might
allow sharing of session vars, but have not tested it. Another possibility
is to set up a web service in each app to pass vars to the other app. Since
the web service would recognize the session ID, it could pass back the info.
NOTE: For high security, you would have to encrypt the data before throwing
into the web service return, as a sniffer could get session IDs and query
your web service. I have not tested this yet, either.

As for the article you link to, you can do what the article suggests without
the massive delete, edit the .webinfo file crap if you set up the parent app
and make the other "apps" subdirs of the parent app (importing, if child
apps already completed). This is really a non-solution for most of us, as
you are essentially killing the child apps and making a single parent app
with all of your applications. You cannot set up the application on a unique
CName, like app1.mydomain.com, as it is tied to the other apps*. Yuck!

* Actually, there is a way to kludge that too, but also not recommended.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

************************************************
Think Outside the Box!
************************************************

"Mark" <ma*****@kc.rr.com> wrote in message
news:%2****************@TK2MSFTNGP09.phx.gbl...
Ok, I know that .net inherently does not share session data across asp.net
projects, but is there any decent work around to this.
We already have a big chunk of our application using the asp.net session
object (using state service). I'd like to start breaking out
our functionality into component projects, but I'd like to get this session issue worked out first.

Any ideas??

I found this article , but it sounds like kind of a pain.

http://www.asp101.com/articles/jayra...te/default.asp


Nov 18 '05 #2
Yeah, we are already using a central (single) state server for all web
servers in our farm, so I knew about the encrypt decrypt thing for that.

I'm just talking about sharing the session between apps. I'm aware of some
of the hacks you mentioned. I guess I'm just looking for a fairly clean
solution, but it doesn't look like that exists.

thanks .

"Cowboy" <No************@comcast.netNoSpamM> wrote in message
news:uC**************@TK2MSFTNGP12.phx.gbl...
Set the encrypt and decrypt key to the same value in each web. Then, set the authentication cookie name (forms auth) to the same name. This will
authenticate the user once for any number of servers. NOTE: If you farm, you will have to use the same Session Server for all machine (I have not
personally tested this, however).

For session variables, I have yet to have found a solution. Currently, we
persist session vars in a SQL Server database with a timestamp (cleared out 12 hours later). You can then grab the vars in the other app.

I have a theory that placing the applications in the same pool in IIS might allow sharing of session vars, but have not tested it. Another possibility
is to set up a web service in each app to pass vars to the other app. Since the web service would recognize the session ID, it could pass back the info. NOTE: For high security, you would have to encrypt the data before throwing into the web service return, as a sniffer could get session IDs and query
your web service. I have not tested this yet, either.

As for the article you link to, you can do what the article suggests without the massive delete, edit the .webinfo file crap if you set up the parent app and make the other "apps" subdirs of the parent app (importing, if child
apps already completed). This is really a non-solution for most of us, as
you are essentially killing the child apps and making a single parent app
with all of your applications. You cannot set up the application on a unique CName, like app1.mydomain.com, as it is tied to the other apps*. Yuck!

* Actually, there is a way to kludge that too, but also not recommended.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

************************************************
Think Outside the Box!
************************************************

"Mark" <ma*****@kc.rr.com> wrote in message
news:%2****************@TK2MSFTNGP09.phx.gbl...
Ok, I know that .net inherently does not share session data across asp.net projects, but is there any decent work around to this.
We already have a big chunk of our application using the asp.net session
object (using state service). I'd like to start breaking out
our functionality into component projects, but I'd like to get this

session
issue worked out first.

Any ideas??

I found this article , but it sounds like kind of a pain.

http://www.asp101.com/articles/jayra...te/default.asp


Nov 18 '05 #3
Hi. I've seen this question a bunch of times, and I was interested in it as well, so I tried to pull together everyone's info.
Session state cannot (and should not) be shared because it would be unsecure to do so. In fact, session data isn't completely secure unless you force an SSL connection. Even then, there are issues with older versions of IIS (5.1 and below) where your session state is lost of you browse from an SSL connection to a non-SSL connection, or vice versa.

Using the application object will persist data in the application collection and make it available to all sessions in an app, but there's no way to restrict access.

So, alternatives to sharing session state seem to be:

- Use a SQL database to persist session variables at the end of each session. This allows for access restrictions. You can use the client's cookie as an identifier if you wish. (from 2 seperate posts)

- Implement your own COM component with shared data. Your apps would call that component.

- Use a message queuing system like MSMQ to save or cache data in a "queue which can either
reside locally or on a dedicated server. Any application can read the queue
once it knows the path to the queue - it typically does
You can store the message in any format from text, to
full blown datasets or custom objects. You can think of the msmq as a robust
caching strategy over a network. It's a good approach because the msmq can
be configured to be fail safe (survive reboots), back up messages, provide
confirmation etc. In addition, msmq can be programmed in a line or two, but
it does require the msmq service to installed and running on the machine." (from "How can I share cached data between web clients?")

- Use the solution in the article at http://www.asp101.com/articles/jayra...te/default.asp. However, one poster said, "you can do what the article suggests without
the massive delete, edit the .webinfo file crap if you set up the parent app
and make the other "apps" subdirs of the parent app (importing, if child
apps already completed). This is really a non-solution for most of us, as
you are essentially killing the child apps and making a single parent app
with all of your applications. You cannot set up the application on a unique
CName, like app1.mydomain.com, as it is tied to the other apps*. Yuck"

- Use remoting.

- Use the Caching Application block.

A good topic on MSDN is "State Management Recommendations" at http://msdn.microsoft.com/library/de...tateoption.asp. It outlines some of the options above.

"Mark" wrote:
Yeah, we are already using a central (single) state server for all web
servers in our farm, so I knew about the encrypt decrypt thing for that.

I'm just talking about sharing the session between apps. I'm aware of some
of the hacks you mentioned. I guess I'm just looking for a fairly clean
solution, but it doesn't look like that exists.

thanks .

"Cowboy" <No************@comcast.netNoSpamM> wrote in message
news:uC**************@TK2MSFTNGP12.phx.gbl...
Set the encrypt and decrypt key to the same value in each web. Then, set

the
authentication cookie name (forms auth) to the same name. This will
authenticate the user once for any number of servers. NOTE: If you farm,

you
will have to use the same Session Server for all machine (I have not
personally tested this, however).

For session variables, I have yet to have found a solution. Currently, we
persist session vars in a SQL Server database with a timestamp (cleared

out
12 hours later). You can then grab the vars in the other app.

I have a theory that placing the applications in the same pool in IIS

might
allow sharing of session vars, but have not tested it. Another possibility
is to set up a web service in each app to pass vars to the other app.

Since
the web service would recognize the session ID, it could pass back the

info.
NOTE: For high security, you would have to encrypt the data before

throwing
into the web service return, as a sniffer could get session IDs and query
your web service. I have not tested this yet, either.

As for the article you link to, you can do what the article suggests

without
the massive delete, edit the .webinfo file crap if you set up the parent

app
and make the other "apps" subdirs of the parent app (importing, if child
apps already completed). This is really a non-solution for most of us, as
you are essentially killing the child apps and making a single parent app
with all of your applications. You cannot set up the application on a

unique
CName, like app1.mydomain.com, as it is tied to the other apps*. Yuck!

* Actually, there is a way to kludge that too, but also not recommended.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

************************************************
Think Outside the Box!
************************************************

"Mark" <ma*****@kc.rr.com> wrote in message
news:%2****************@TK2MSFTNGP09.phx.gbl...
Ok, I know that .net inherently does not share session data across asp.net projects, but is there any decent work around to this.
We already have a big chunk of our application using the asp.net session
object (using state service). I'd like to start breaking out
our functionality into component projects, but I'd like to get this

session
issue worked out first.

Any ideas??

I found this article , but it sounds like kind of a pain.

http://www.asp101.com/articles/jayra...te/default.asp



Nov 18 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

8
by: ndsoumah | last post by:
hello guys I'm trying to get access to variables I put in a session variable from another page and it fails... here's the exact situation main file page1.php
2
by: Brad | last post by:
Hi everyone, I've been using ASP on a few different projects over the past year, either using Javascript or VBScript. During that time, I've made use of session variables, but even then, I've...
4
by: Bill Dodd | last post by:
Is there really no way to have different asp.net applications share session variables? The problem I'm running into is that I have numerous asp.net (and asp) applications that were written as...
3
by: grooby | last post by:
I would like to develop an asp.net Web application using muliple web projects under one solution file and share the session information between web applications( or projects). Is this possible?
10
by: Anthony Williams | last post by:
Hi gang, This one looks like a bug :o( As you may or may not know, setting session management in web.config to use cookieless sessions causes the ASP.NET runtime to munge a session ID into...
9
by: McGeeky | last post by:
Is there a way to get a user control to remember its state across pages? I have a standard page layout I use with a header and footer as user controls. Each page uses the same layout by means of...
0
by: Oli | last post by:
My company has developed 2 win apps and 1 web app. All 3 apps use a 'common' business logic component (vb.net dll) and data access component. We recently refactored the common components to use...
1
by: =?Utf-8?B?TmVpbGUgQmVybXVkZXM=?= | last post by:
Hi there My team is responsible for designing the architecture of the web hosting environment in my orgnaisation. We plan to implement an IIS web farm, load balanced by a couple of industry...
0
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
0
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
0
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
1
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
1
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
0
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
0
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
0
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
0
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.