471,337 Members | 1,061 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,337 software developers and data experts.

Problem with Session Variable

Hello:

This was posted in a wrong forum; that's why I am posting here again. Sorry.

I just wrote my first ASP.Net application, tested it on my development
environment and deployed it on a production server. That's when I encountered
a problem. The anonymous access is turned of and Integrated Windows
Authentication is turned on.

In my Global.ASCX, I have coded the Session_Start event
1. I read Request.ServerVariables("Auth_User")
2. Save it as a variable, userid, in the session variable.

Here is the problem:

1. User A signs in and the screen shows that the userid is "User A".
2. User B signs in through another workstation and his user ID shows "User
A" when in fact it should show "User B".

I thought the session is private to the user?

I got feedback that I should not do anything in Global. Also, setting
session variables in the Session_start event is loopy!

Can somebody tell me what I am doing wrong?

Venki

Nov 19 '05 #1
3 1265
strage... not sure if this will be of any help.. you may want to check if
you are using any static variables to assign this value later in some
pages/assembly.. I have seen similar issue with session values getting mixed,
when using a STATIC variable ..

"vvenk" wrote:
Hello:

This was posted in a wrong forum; that's why I am posting here again. Sorry.

I just wrote my first ASP.Net application, tested it on my development
environment and deployed it on a production server. That's when I encountered
a problem. The anonymous access is turned of and Integrated Windows
Authentication is turned on.

In my Global.ASCX, I have coded the Session_Start event
1. I read Request.ServerVariables("Auth_User")
2. Save it as a variable, userid, in the session variable.

Here is the problem:

1. User A signs in and the screen shows that the userid is "User A".
2. User B signs in through another workstation and his user ID shows "User
A" when in fact it should show "User B".

I thought the session is private to the user?

I got feedback that I should not do anything in Global. Also, setting
session variables in the Session_start event is loopy!

Can somebody tell me what I am doing wrong?

Venki

Nov 19 '05 #2
Venki,

could you post your code. This would make it much easier to help you!
Nevertheless from what you write it seems to me that you want to write your
onw authentication code. Check out the authentication part of your web
config. You can get a first impression by reading
http://www.15seconds.com/issue/020220.htm

Does this help?

Best regards

Daniel Walzenbach
"vvenk" <vv***@discussions.microsoft.com> schrieb im Newsbeitrag
news:42**********************************@microsof t.com...
Hello:

This was posted in a wrong forum; that's why I am posting here again.
Sorry.

I just wrote my first ASP.Net application, tested it on my development
environment and deployed it on a production server. That's when I
encountered
a problem. The anonymous access is turned of and Integrated Windows
Authentication is turned on.

In my Global.ASCX, I have coded the Session_Start event
1. I read Request.ServerVariables("Auth_User")
2. Save it as a variable, userid, in the session variable.

Here is the problem:

1. User A signs in and the screen shows that the userid is "User A".
2. User B signs in through another workstation and his user ID shows
"User
A" when in fact it should show "User B".

I thought the session is private to the user?

I got feedback that I should not do anything in Global. Also, setting
session variables in the Session_start event is loopy!

Can somebody tell me what I am doing wrong?

Venki

Nov 19 '05 #3
Daniel:

Here is the code from Global.ASPX:

Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
' Fires when the application is started
End Sub

Sub Session_Start(ByVal Sender As Object, ByVal E As EventArgs)

Dim lbOutcome As InnoBox_BO.User._Outcome

loUser = InnoBox_BO.User.GetInstance
loUser.DBConnString = ConfigurationSettings.AppSettings("DSN1")
Try
lbOutcome =
loUser.CreateByUserID(Request.ServerVariables("Aut h_User").ToUpper)
Catch ex As Exception
Server.Transfer("Errors.aspx")
End Try
Session("User") = loUser
Session("DSN1") = ConfigurationSettings.AppSettings("DSN1")
Session("DSN2") = ConfigurationSettings.AppSettings("DSN2")

End Sub

In addition, each form has a Init event coded to make sure that the object,
UserID is available (I am giving an example of one such form):

Private Sub Page_Init(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Init
'CODEGEN: This method call is required by the Web Form Designer
'Do not modify it using the code editor.
InitializeComponent()

Dim lbOutcome As InnoBox_BO.User._Outcome
Dim loUser As InnoBox_BO.User

If Session("User") Is Nothing Then
loUser = InnoBox_BO.User.GetInstance
Try
lbOutcome =
loUser.CreateByUserID(Request.ServerVariables("Aut h_User").ToUpper)
Catch ex As Exception
Server.Transfer("Errors.aspx")
End Try
loUser = Session("User")
End If
If Session("User").FirstName = Nothing Or Session("User").LastName =
Nothing Then
Server.Transfer("MyProfile.aspx")
End If
End Sub

Thanks for our help
Venki

"Daniel Walzenbach" wrote:
Venki,

could you post your code. This would make it much easier to help you!
Nevertheless from what you write it seems to me that you want to write your
onw authentication code. Check out the authentication part of your web
config. You can get a first impression by reading
http://www.15seconds.com/issue/020220.htm

Does this help?

Best regards

Daniel Walzenbach
"vvenk" <vv***@discussions.microsoft.com> schrieb im Newsbeitrag
news:42**********************************@microsof t.com...
Hello:

This was posted in a wrong forum; that's why I am posting here again.
Sorry.

I just wrote my first ASP.Net application, tested it on my development
environment and deployed it on a production server. That's when I
encountered
a problem. The anonymous access is turned of and Integrated Windows
Authentication is turned on.

In my Global.ASCX, I have coded the Session_Start event
1. I read Request.ServerVariables("Auth_User")
2. Save it as a variable, userid, in the session variable.

Here is the problem:

1. User A signs in and the screen shows that the userid is "User A".
2. User B signs in through another workstation and his user ID shows
"User
A" when in fact it should show "User B".

I thought the session is private to the user?

I got feedback that I should not do anything in Global. Also, setting
session variables in the Session_start event is loopy!

Can somebody tell me what I am doing wrong?

Venki


Nov 19 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

1 post views Thread by Nick Whitelegg | last post: by
1 post views Thread by Jonathan Chong | last post: by
1 post views Thread by farooqazeem | last post: by
6 posts views Thread by Scott Zabolotzky | last post: by
1 post views Thread by Andrew | last post: by
3 posts views Thread by Philip Tepedino | last post: by
13 posts views Thread by Simon Matthews | last post: by
8 posts views Thread by Nacho | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.