Hi all,
I posted this question some time ago in an earlier thread but so far I
still don't have an understanding of why this is happening or what I
can do to fix it.
I use Session variables, such as Session("username") to store a lot of
information about who is logged in to my app and what they can do.
Since the app permits certain users to impersonate other users (permits
some users to delegate their work to assistants, who are therefore
impersonating the principals), I allow a user to go back to the login
page and re-log in. But when they return to the home page, which reads
these session variables and displays controls based on what they can or
cannot do, I have to click the browser's refresh button to get the home
page to re-read the session variables. I can't count on my users to do
this (click refresh). How can I guarantee that a page is going to
re-read the session variables when it loads?
I have a simple page for debugging that displays session variables:
<%@ Page Language="VB" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Protected Sub Page_Load()
lblusername.Text = Session("username").ToString()
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Display Session Vars</title>
</head>
<body>
<form id="form1" runat="server">
<div>
username: <asp:Label id="lblusername" runat="server"
/><br/>
</div>
</form>
</body>
</html>
Even this page I have to manually refresh to get it to show the new
value. My web.config file is bare -- there is nothing in there except
for a connection string for a database, and in this case I am not doing
any database calls.
I am wondering if this problem is related to the way this page is
called. When someone changes their username, they go to a login page
to select a new username from a dropdownlist, and when they click the
button to submit the form, code like the following is run:
Dim newUsernameDdl As DropDownList
newUsernameDdl = CType(form.FindControl("ddlUsername"), DropDownList)
Dim newUsername As String = newUsernameDdl.SelectedValue
Session("username") = newUsername
Response.Redirect("default.aspx", False)
When I do a response.redirect, is that somehow telling the app to
reload the default.aspx page from the cache and not re-run it from
scratch? My understanding of the second param in the function
signature (False) is that it tells asp.net to stop processing the
current page (the login page that's doing the redirect).
Anyway, what I really need is some code to tell my default.aspx page
that it needs to go out and grab the very latest values of all the
session variables -- is there a way of doing this?
Thanks in advance.
-- Ned 3 3768
Ned,
Do you think it's possible that the caching is happening at the browser
level? Have you checked your browser settings to see if it is set to
look for a new version of the page on each visit?
You may want to check into settings that will tell browsers not to
cache your pages at all. I don't have the actual property settings and
method calls handy, but that may help.
Gary
Ned Balzer wrote:
Hi all,
I posted this question some time ago in an earlier thread but so far I
still don't have an understanding of why this is happening or what I
can do to fix it.
I use Session variables, such as Session("username") to store a lot of
information about who is logged in to my app and what they can do.
Since the app permits certain users to impersonate other users (permits
some users to delegate their work to assistants, who are therefore
impersonating the principals), I allow a user to go back to the login
page and re-log in. But when they return to the home page, which reads
these session variables and displays controls based on what they can or
cannot do, I have to click the browser's refresh button to get the home
page to re-read the session variables. I can't count on my users to do
this (click refresh). How can I guarantee that a page is going to
re-read the session variables when it loads?
I have a simple page for debugging that displays session variables:
<%@ Page Language="VB" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Protected Sub Page_Load()
lblusername.Text = Session("username").ToString()
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Display Session Vars</title>
</head>
<body>
<form id="form1" runat="server">
<div>
username: <asp:Label id="lblusername" runat="server"
/><br/>
</div>
</form>
</body>
</html>
Even this page I have to manually refresh to get it to show the new
value. My web.config file is bare -- there is nothing in there except
for a connection string for a database, and in this case I am not doing
any database calls.
I am wondering if this problem is related to the way this page is
called. When someone changes their username, they go to a login page
to select a new username from a dropdownlist, and when they click the
button to submit the form, code like the following is run:
Dim newUsernameDdl As DropDownList
newUsernameDdl = CType(form.FindControl("ddlUsername"), DropDownList)
Dim newUsername As String = newUsernameDdl.SelectedValue
Session("username") = newUsername
Response.Redirect("default.aspx", False)
When I do a response.redirect, is that somehow telling the app to
reload the default.aspx page from the cache and not re-run it from
scratch? My understanding of the second param in the function
signature (False) is that it tells asp.net to stop processing the
current page (the login page that's doing the redirect).
Anyway, what I really need is some code to tell my default.aspx page
that it needs to go out and grab the very latest values of all the
session variables -- is there a way of doing this?
Thanks in advance.
-- Ned
Yeah, you may be right. I have been doing all my development and
testing with Firefox 1.5 (most of my users will be using firefox), and
it does claim to cache pages -- no way I've found yet to tell it not to
(in browser settings -- maybe I should add some sort of nocache meta
tag in the head of each page's html. But I would hope that browsers
would see the .aspx extension on the pages they're requesting and know
that the content is dynamic.
Thanks, I'll keep looking (but anyone else reading this, if you have
any suggestions on how to force browsers from the server side to
reload, please chime in!)
-- Ned
Gary wrote:
Ned,
Do you think it's possible that the caching is happening at the browser
level? Have you checked your browser settings to see if it is set to
look for a new version of the page on each visit?
You may want to check into settings that will tell browsers not to
cache your pages at all. I don't have the actual property settings and
method calls handy, but that may help.
Gary
Ned Balzer wrote:
Hi all,
I posted this question some time ago in an earlier thread but so far I
still don't have an understanding of why this is happening or what I
can do to fix it.
I use Session variables, such as Session("username") to store a lot of
information about who is logged in to my app and what they can do.
Since the app permits certain users to impersonate other users (permits
some users to delegate their work to assistants, who are therefore
impersonating the principals), I allow a user to go back to the login
page and re-log in. But when they return to the home page, which reads
these session variables and displays controls based on what they can or
cannot do, I have to click the browser's refresh button to get the home
page to re-read the session variables. I can't count on my users to do
this (click refresh). How can I guarantee that a page is going to
re-read the session variables when it loads?
I have a simple page for debugging that displays session variables:
<%@ Page Language="VB" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Protected Sub Page_Load()
lblusername.Text = Session("username").ToString()
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Display Session Vars</title>
</head>
<body>
<form id="form1" runat="server">
<div>
username: <asp:Label id="lblusername" runat="server"
/><br/>
</div>
</form>
</body>
</html>
Even this page I have to manually refresh to get it to show the new
value. My web.config file is bare -- there is nothing in there except
for a connection string for a database, and in this case I am not doing
any database calls.
I am wondering if this problem is related to the way this page is
called. When someone changes their username, they go to a login page
to select a new username from a dropdownlist, and when they click the
button to submit the form, code like the following is run:
Dim newUsernameDdl As DropDownList
newUsernameDdl = CType(form.FindControl("ddlUsername"), DropDownList)
Dim newUsername As String = newUsernameDdl.SelectedValue
Session("username") = newUsername
Response.Redirect("default.aspx", False)
When I do a response.redirect, is that somehow telling the app to
reload the default.aspx page from the cache and not re-run it from
scratch? My understanding of the second param in the function
signature (False) is that it tells asp.net to stop processing the
current page (the login page that's doing the redirect).
Anyway, what I really need is some code to tell my default.aspx page
that it needs to go out and grab the very latest values of all the
session variables -- is there a way of doing this?
Thanks in advance.
-- Ned
I found some code on another site that seems to fix the problem:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As
System.EventArgs)
Response.Cache.SetCacheability(HttpCacheability.No Cache)
.....
End Sub
-- Ned
Ned Balzer wrote:
Yeah, you may be right. I have been doing all my development and
testing with Firefox 1.5 (most of my users will be using firefox), and
it does claim to cache pages -- no way I've found yet to tell it not to
(in browser settings -- maybe I should add some sort of nocache meta
tag in the head of each page's html. But I would hope that browsers
would see the .aspx extension on the pages they're requesting and know
that the content is dynamic.
Thanks, I'll keep looking (but anyone else reading this, if you have
any suggestions on how to force browsers from the server side to
reload, please chime in!)
-- Ned
Gary wrote:
Ned,
Do you think it's possible that the caching is happening at the browser
level? Have you checked your browser settings to see if it is set to
look for a new version of the page on each visit?
You may want to check into settings that will tell browsers not to
cache your pages at all. I don't have the actual property settings and
method calls handy, but that may help.
Gary
Ned Balzer wrote:
Hi all,
>
I posted this question some time ago in an earlier thread but so far I
still don't have an understanding of why this is happening or what I
can do to fix it.
>
I use Session variables, such as Session("username") to store a lot of
information about who is logged in to my app and what they can do.
Since the app permits certain users to impersonate other users (permits
some users to delegate their work to assistants, who are therefore
impersonating the principals), I allow a user to go back to the login
page and re-log in. But when they return to the home page, which reads
these session variables and displays controls based on what they can or
cannot do, I have to click the browser's refresh button to get the home
page to re-read the session variables. I can't count on my users to do
this (click refresh). How can I guarantee that a page is going to
re-read the session variables when it loads?
>
I have a simple page for debugging that displays session variables:
<%@ Page Language="VB" %>
>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
>
<script runat="server">
Protected Sub Page_Load()
lblusername.Text = Session("username").ToString()
End Sub
</script>
>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Display Session Vars</title>
</head>
<body>
<form id="form1" runat="server">
<div>
username: <asp:Label id="lblusername" runat="server"
/><br/>
</div>
</form>
</body>
</html>
>
Even this page I have to manually refresh to get it to show the new
value. My web.config file is bare -- there is nothing in there except
for a connection string for a database, and in this case I am not doing
any database calls.
>
I am wondering if this problem is related to the way this page is
called. When someone changes their username, they go to a login page
to select a new username from a dropdownlist, and when they click the
button to submit the form, code like the following is run:
Dim newUsernameDdl As DropDownList
newUsernameDdl = CType(form.FindControl("ddlUsername"), DropDownList)
Dim newUsername As String = newUsernameDdl.SelectedValue
Session("username") = newUsername
Response.Redirect("default.aspx", False)
>
When I do a response.redirect, is that somehow telling the app to
reload the default.aspx page from the cache and not re-run it from
scratch? My understanding of the second param in the function
signature (False) is that it tells asp.net to stop processing the
current page (the login page that's doing the redirect).
>
Anyway, what I really need is some code to tell my default.aspx page
that it needs to go out and grab the very latest values of all the
session variables -- is there a way of doing this?
>
Thanks in advance.
>
-- Ned
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Paul |
last post by:
Hmmm, didn't seem to work. I have set session.use_cookies = 1 and
session.use_trans_sid = 1 in my php.ini file. Index.php contains:...
|
by: mrbog |
last post by:
Tell me if my assertion is wrong here:
The only way to prevent session hijacking is to NEVER store
authentication information (such as name/password) in the session.
Well, to never authenticate...
|
by: Martin |
last post by:
Hi all
As my posting title suggests I'm having problems using InProc Session
state in my ASP .NET app.
I wrote a site for a friend which uses ADO .NET to keep track of a
simple...
|
by: jensen bredal |
last post by:
Hello,
i'm struggling with a somehow badly understood session scenario.
I provide acces to my pages based on form authentication using
Session cookies.
Som of my pages are supposed to be...
|
by: jensen bredal |
last post by:
I need to keep track on user "session data" while still turning session off
as
i do not want users login to expire?
Thanks
JB
|
by: dee |
last post by:
Hi,
What is the maximum number of minutes for Session timeout that I can specify
in web.config?
Thanks.
Dee
|
by: tshad |
last post by:
I have been using the default session state (InProc) and have found that I
have been loosing my information after a period of time (normally 20
minutes).
Is there anyway to find out how much...
|
by: Ned Balzer |
last post by:
Hi,
Apologies if this is a newbie question, I haven't found the answer in
any faqs.
I have an asp.net 2.0 page that sets session variables and then
redirects to another page. For the page...
|
by: BillE |
last post by:
When a user opens a new IE browser window using File-New-Window the
integrity of an application which relies on session state is COMPLETELY
undermined. Anyone who overlooks the fact that...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |