It seems that many people experience problems with mix-ups and
non-intentional sharing of sessions in ASP.NET. This is often tracked
down to the use of static variables for user data, which are indeed
shared and overwritten among all users.
I have this problem as well in one of my applications. However, there
are no static variables, but there are static methods in my (sealed)
SessionStateManager class, like this one:
public static User CurrentUser
{
get
{
if(HttpContext.Current.Session[SessionUser]==null)
{
User currentUser = new User();
HttpContext.Current.Session[SessionUser] = currentUser;
return currentUser;
}
else
{
return (User)HttpContext.Current.Session[SessionUser];
}
}
set
{
HttpContext.Current.Session[SessionUser] = value;
}
}
Will this design cause trouble? I mean, HttpContext.Current.Session
should still be unique, right or wrong?
Cheers,
Johan Sjöström
MSc, MCAD, MCTS, MCITP
4  2519 
I am not sure why you are doing what you are doing, but static methods do
not pose a huge problem. The output will be determined as the routine is run
and it will not, as written, cache anything.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA http://gregorybeamer.spaces.live.com
********************************************
Think outside the box!
********************************************
"Johan Sjöström" <da********@hotmail.comwrote in message
news:11*********************@11g2000cwr.googlegrou ps.com...
It seems that many people experience problems with mix-ups and
non-intentional sharing of sessions in ASP.NET. This is often tracked
down to the use of static variables for user data, which are indeed
shared and overwritten among all users.
I have this problem as well in one of my applications. However, there
are no static variables, but there are static methods in my (sealed)
SessionStateManager class, like this one:
public static User CurrentUser
{
get
{
if(HttpContext.Current.Session[SessionUser]==null)
{
User currentUser = new User();
HttpContext.Current.Session[SessionUser] = currentUser;
return currentUser;
}
else
{
return (User)HttpContext.Current.Session[SessionUser];
}
}
set
{
HttpContext.Current.Session[SessionUser] = value;
}
}
Will this design cause trouble? I mean, HttpContext.Current.Session
should still be unique, right or wrong?
Cheers,
Johan Sjöström
MSc, MCAD, MCTS, MCITP
Thanks Gregory,
I am trying to pin-point the reason why the sessions in my ASP.NET 1.1
web application sometimes get mixed up, i.e. why userA all of the
sudden sees userB's data. This topic has been dealt with before in this
newsgroup, and it often comes down to the (mis)use of static variables.
Some have insinuated that there are bugs in ASP.NET due to the high
frequency of posts similar to this one. More often that not though,
coding errors prove to be the cause.
The example showed one of the typical methods in my SessionStateManager
class. I use static methods but not static variables. Even so, session
mix-ups do occur sometimes. Not often, but too often to be neglected.
But you confirm that this method, as displayed, should be safe to use
in a multi-(inproc)-session web application? (In that case, the error
is elsewhere and is not static-related).
Cheers,
Johan Sjöström
MSc, MCAD, MCTS, MCITP
Cowboy (Gregory A. Beamer) skrev:
I am not sure why you are doing what you are doing, but static methods do
not pose a huge problem. The output will be determined as the routine is run
and it will not, as written, cache anything.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
http://gregorybeamer.spaces.live.com
********************************************
Think outside the box!
********************************************
"Johan Sjöström" <da********@hotmail.comwrote in message
news:11*********************@11g2000cwr.googlegrou ps.com...
It seems that many people experience problems with mix-ups and
non-intentional sharing of sessions in ASP.NET. This is often tracked
down to the use of static variables for user data, which are indeed
shared and overwritten among all users.
I have this problem as well in one of my applications. However, there
are no static variables, but there are static methods in my (sealed)
SessionStateManager class, like this one:
public static User CurrentUser
{
get
{
if(HttpContext.Current.Session[SessionUser]==null)
{
User currentUser = new User();
HttpContext.Current.Session[SessionUser] = currentUser;
return currentUser;
}
else
{
return (User)HttpContext.Current.Session[SessionUser];
}
}
set
{
HttpContext.Current.Session[SessionUser] = value;
}
}
Will this design cause trouble? I mean, HttpContext.Current.Session
should still be unique, right or wrong?
Cheers,
Johan Sjöström
MSc, MCAD, MCTS, MCITP
your sample code is thread safe. static methods are fine, only static
data is shared. object methods are really static, they just have access
to the instance data.
another common problem of mixed data is using a sta com object, and not
telling asp.net to use a single thread for each request (aspcompat). of
course the only supported way to use a sta in a webservice is to start
your own thread.
-- bruce (sqlwork.com)
Johan Sjöström wrote:
Thanks Gregory,
I am trying to pin-point the reason why the sessions in my ASP.NET 1.1
web application sometimes get mixed up, i.e. why userA all of the
sudden sees userB's data. This topic has been dealt with before in this
newsgroup, and it often comes down to the (mis)use of static variables.
Some have insinuated that there are bugs in ASP.NET due to the high
frequency of posts similar to this one. More often that not though,
coding errors prove to be the cause.
The example showed one of the typical methods in my SessionStateManager
class. I use static methods but not static variables. Even so, session
mix-ups do occur sometimes. Not often, but too often to be neglected.
But you confirm that this method, as displayed, should be safe to use
in a multi-(inproc)-session web application? (In that case, the error
is elsewhere and is not static-related).
Cheers,
Johan Sjöström
MSc, MCAD, MCTS, MCITP
Cowboy (Gregory A. Beamer) skrev:
>I am not sure why you are doing what you are doing, but static methods do
not pose a huge problem. The output will be determined as the routine is run
and it will not, as written, cache anything.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
http://gregorybeamer.spaces.live.com
********************************************
Think outside the box!
********************************************
"Johan Sjöström" <da********@hotmail.comwrote in message
news:11*********************@11g2000cwr.googlegro ups.com...
It seems that many people experience problems with mix-ups and
non-intentional sharing of sessions in ASP.NET. This is often tracked
down to the use of static variables for user data, which are indeed
shared and overwritten among all users.
I have this problem as well in one of my applications. However, there
are no static variables, but there are static methods in my (sealed)
SessionStateManager class, like this one:
public static User CurrentUser
{
get
{
if(HttpContext.Current.Session[SessionUser]==null)
{
User currentUser = new User();
HttpContext.Current.Session[SessionUser] = currentUser;
return currentUser;
}
else
{
return (User)HttpContext.Current.Session[SessionUser];
}
}
set
{
HttpContext.Current.Session[SessionUser] = value;
}
}
Will this design cause trouble? I mean, HttpContext.Current.Session
should still be unique, right or wrong?
Cheers,
Johan Sjöström
MSc, MCAD, MCTS, MCITP
Thanks for the acknowledgement Bruce.
I'll keep looking for other type of coding errors then.
Cheers,
Johan Sjöström
MSc, MCAD, MCTS, MCITP
bruce barker skrev:
your sample code is thread safe. static methods are fine, only static
data is shared. object methods are really static, they just have access
to the instance data.
another common problem of mixed data is using a sta com object, and not
telling asp.net to use a single thread for each request (aspcompat). of
course the only supported way to use a sta in a webservice is to start
your own thread.
-- bruce (sqlwork.com)
Johan Sjöström wrote:
Thanks Gregory,
I am trying to pin-point the reason why the sessions in my ASP.NET 1.1
web application sometimes get mixed up, i.e. why userA all of the
sudden sees userB's data. This topic has been dealt with before in this
newsgroup, and it often comes down to the (mis)use of static variables.
Some have insinuated that there are bugs in ASP.NET due to the high
frequency of posts similar to this one. More often that not though,
coding errors prove to be the cause.
The example showed one of the typical methods in my SessionStateManager
class. I use static methods but not static variables. Even so, session
mix-ups do occur sometimes. Not often, but too often to be neglected.
But you confirm that this method, as displayed, should be safe to use
in a multi-(inproc)-session web application? (In that case, the error
is elsewhere and is not static-related).
Cheers,
Johan Sjöström
MSc, MCAD, MCTS, MCITP
Cowboy (Gregory A. Beamer) skrev:
I am not sure why you are doing what you are doing, but static methodsdo
not pose a huge problem. The output will be determined as the routine is run
and it will not, as written, cache anything.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
http://gregorybeamer.spaces.live.com
********************************************
Think outside the box!
********************************************
"Johan Sjöström" <da********@hotmail.comwrote in message
news:11*********************@11g2000cwr.googlegrou ps.com...
It seems that many people experience problems with mix-ups and
non-intentional sharing of sessions in ASP.NET. This is often tracked
down to the use of static variables for user data, which are indeed
shared and overwritten among all users.
I have this problem as well in one of my applications. However, there
are no static variables, but there are static methods in my (sealed)
SessionStateManager class, like this one:
public static User CurrentUser
{
get
{
if(HttpContext.Current.Session[SessionUser]==null)
{
User currentUser = new User();
HttpContext.Current.Session[SessionUser] = currentUser;
return currentUser;
}
else
{
return (User)HttpContext.Current.Session[SessionUser];
}
}
set
{
HttpContext.Current.Session[SessionUser] = value;
}
}
Will this design cause trouble? I mean, HttpContext.Current.Session
should still be unique, right or wrong?
Cheers,
Johan Sjöström
MSc, MCAD, MCTS, MCITP
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Roland Hall |
last post by:
I eliminated cookies from my shopping cart this morning. I'm now using
sessions to keep track of users.
In my global.asa I have the following:
sub Session_onStart
session.Timeout = 20...
|
by: Flemming Jensen |
last post by:
The idea behind this code is to standardize all my webpages in an
application to look the same by inheriting the pages from a userdefined
class. But it gives me problems regarding sessionstate...
...
|
by: mike parr |
last post by:
I want to use cookies on my website, simply to identify the user when
they come to my website (I will just be writing one for new users and
reading from people who are already users when they reach...
|
by: Mikko Penkkimäki |
last post by:
Hi
Looks like I can not change Web page's timeout setting. In practise it's all
the time 20 minutes - no matter what I do.
I have this kind of setting in web.config:
<sessionState...
|
by: Ralf Müller |
last post by:
hi all!
in my custom HttpHandler HttpContext.Current.Session is not set - why?
greetings, ralf
|
by: ivanL |
last post by:
In web.config, I can set SessionState mode to "Off" while using Forms
authentication, they have 2 diff mechanisms, is this correct?
|
by: jensen bredal |
last post by:
Hello,
i was not able to find any documentation about the largest value one can
assign the "timeout" attribute of the
<sessionState section in web.config.
any idea?
|
by: Krishnan |
last post by:
Hi,
Could anyone please let me know how to read SessionState setting from the
Web.Config file into an ASPNET application?
TIA
Krishnan
|
by: Mr Ideas Man |
last post by:
Hi all,
Relating to a post i made earlier...
I am deploying a asp.net app to my web host.
They assure me that the directory i am copying my files to is configured as
an IIS Application.
...
|
by: Med |
last post by:
Hi,
My Settings in web.config:
<sessionState
mode="StateServer"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;
Trusted_Connection=yes"...
|
by: lllomh |
last post by:
Define the method first
this.state = {
buttonBackgroundColor: 'green',
isBlinking: false, // A new status is added to identify whether the button is blinking or not
}
autoStart=()=>{
|
by: DJRhino |
last post by:
Was curious if anyone else was having this same issue or not....
I was just Up/Down graded to windows 11 and now my access combo boxes are not acting right. With win 10 I could start typing...
|
by: Aliciasmith |
last post by:
In an age dominated by smartphones, having a mobile app for your business is no longer an option; it's a necessity. Whether you're a startup or an established enterprise, finding the right mobile app...
|
by: tracyyun |
last post by:
Hello everyone,
I have a question and would like some advice on network connectivity. I have one computer connected to my router via WiFi, but I have two other computers that I want to be able to...
|
by: giovanniandrean |
last post by:
The energy model is structured as follows and uses excel sheets to give input data:
1-Utility.py contains all the functions needed to calculate the variables and other minor things (mentions...
|
by: Teri B |
last post by:
Hi, I have created a sub-form Roles. In my course form the user selects the roles assigned to the course.
0ne-to-many. One course many roles.
Then I created a report based on the Course form and...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 1 Nov 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM)
Please note that the UK and Europe revert to winter time on...
|
by: nia12 |
last post by:
Hi there,
I am very new to Access so apologies if any of this is obvious/not clear.
I am creating a data collection tool for health care employees to complete. It consists of a number of...
|
by: NeoPa |
last post by:
Introduction
For this article I'll be focusing on the Report (clsReport) class. This simply handles making the calling Form invisible until all of the Reports opened by it have been closed, when it...
| | |
