I agree with DD85. thats why the solution which i gave is similar to what you have suggested.
In my solution I'll be creating new "Session ID" which is always unique so the user don't have to worry about any concatenation opreation for its uniqueness.
But what Neluru is asking is straight forward. he wants to create new session for each tab (i.e session ID).
We were having the issue of our users wanting to do work on multiple departmental approvals at the same time and so they opened multiple tabs. We could prevent a second login by checking to see if the user was already authenticated, but we had issues with
them doing the Cut/paste of the url in the second tab. They would then do work on the second BatchReview.aspx page for a new batch, then click on the first tab with BatchReview.aspx data from prior batch. The minute they click on a button, we redirect them
to our error page. We don't clear out the session/cookie since we want to allow them to continue working in the second tab.
Our solution is not fancy nor even clever, but it works.
Our application uses a master page that calls in a web content page which has security testing.
If the user is in the proper role for the application chosen, we load a user web control with the data they can modify. We changed the content page to be the following:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Not Page.IsPostBack Then
SaveSessionInfo()
Else
CheckSessionInfo()
End If
End Sub
Private Sub SaveSessionInfo()
Dim guid As System.Guid = System.Guid.NewGuid()
Dim SessionId As String = guid.ToString()
ViewState.Add("SessionID", SessionId.ToString())
Session.Add("SessionID", SessionId.ToString())
End Sub
Private Sub CheckSessionInfo()
If Session("SessionID") = ViewState("SessionID") Then
ApplyScreenPermissions()
Else
Response.Redirect("~/MultiTabError.aspx", True)
End If
End Sub
So far our users haven't tried to go around this by opening yet another tab etc. It has quickly trained them not to try it.
I tried to add the unique value along with the session but still facing the same problem.Can you please tell me how to do it and where to store the strID in the application as it is getting overridden in other tab.
How can I maintain Unique Session ID between IE7 tabs. When I am trying to paste the URL in the next Tab, The page is taking the pervious session ID and the page is opened.
I need to close the session ID in the new tab and get back the page to Login page.
Please help me in fixing this problem.
Its simple: Just Make the <sessionState cookieless="true"/> in web.config
I was more aiming at the sluoting in this thread which mentioned above to add strID Session("Name" + strID) to session so that the session will be unique through tabs.
I tried adding the uniqueid in strID and added it to the session but i need to access it through all the pages so dont know where to add the value so that i can get it in all pages while retreiving the session
You need to store it in the DataBase with the column "SessionID","UserID","IsAlive". Given column fiels is just assumption , its upto your choice how you want your table structures to be. With above field you can keep track of the session that is alive
for the logged in user, if that user logs out, set IsActive column to 0. so that next time when you do select operation on the above table to get Session that is alive for logged in User you can get those session that is alive with the value 1 in the IsAlive
column.
I was trying to use this approach and use a combination of GUID and User Name to work as 'strID. Now my problem is how do I retain this value between pages - cant rely on session since we are doing this to address an issue with session state.
yasir.kamal
Member
28 Points
9 Posts
Re: Unique Session between IE7 Tabs
Dec 07, 2009 08:25 AM|LINK
I agree with DD85. thats why the solution which i gave is similar to what you have suggested.
In my solution I'll be creating new "Session ID" which is always unique so the user don't have to worry about any concatenation opreation for its uniqueness.
But what Neluru is asking is straight forward. he wants to create new session for each tab (i.e session ID).
hope it clears the doubt.
ELiva
Member
29 Points
19 Posts
Re: Unique Session between IE7 Tabs
Dec 08, 2009 08:55 PM|LINK
We were having the issue of our users wanting to do work on multiple departmental approvals at the same time and so they opened multiple tabs. We could prevent a second login by checking to see if the user was already authenticated, but we had issues with them doing the Cut/paste of the url in the second tab. They would then do work on the second BatchReview.aspx page for a new batch, then click on the first tab with BatchReview.aspx data from prior batch. The minute they click on a button, we redirect them to our error page. We don't clear out the session/cookie since we want to allow them to continue working in the second tab.
Our solution is not fancy nor even clever, but it works.
Our application uses a master page that calls in a web content page which has security testing.
If the user is in the proper role for the application chosen, we load a user web control with the data they can modify. We changed the content page to be the following:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Not Page.IsPostBack Then
SaveSessionInfo()
Else
CheckSessionInfo()
End If
End Sub
Private Sub SaveSessionInfo()
Dim guid As System.Guid = System.Guid.NewGuid()
Dim SessionId As String = guid.ToString()
ViewState.Add("SessionID", SessionId.ToString())
Session.Add("SessionID", SessionId.ToString())
End Sub
Private Sub CheckSessionInfo()
If Session("SessionID") = ViewState("SessionID") Then
ApplyScreenPermissions()
Else
Response.Redirect("~/MultiTabError.aspx", True)
End If
End Sub
So far our users haven't tried to go around this by opening yet another tab etc. It has quickly trained them not to try it.
ELiva
Member
29 Points
19 Posts
Re: Unique Session between IE7 Tabs
Dec 08, 2009 09:14 PM|LINK
Just as an added mention....
The code also works if you just put it in the Master page only (if you want to prevent ALL pages from session sharing vs. just a few).
deepmalaRao
Member
8 Points
4 Posts
Re: Unique Session between IE7 Tabs
Jun 16, 2010 11:10 AM|LINK
Hi,
I tried to add the unique value along with the session but still facing the same problem.Can you please tell me how to do it and where to store the strID in the application as it is getting overridden in other tab.
Please Help...
Deepa
vikasrulez
Participant
776 Points
183 Posts
Re: Unique Session between IE7 Tabs
Jun 16, 2010 11:26 AM|LINK
Its simple: Just Make the <sessionState cookieless="true"/> in web.config
deepmalaRao
Member
8 Points
4 Posts
Re: Unique Session between IE7 Tabs
Jun 16, 2010 12:12 PM|LINK
Thankyou for the quick reply
I was more aiming at the sluoting in this thread which mentioned above to add strID Session("Name" + strID) to session so that the session will be unique through tabs.
I tried adding the uniqueid in strID and added it to the session but i need to access it through all the pages so dont know where to add the value so that i can get it in all pages while retreiving the session
urgent help...
Thanks,
Deepa
yasir.kamal
Member
28 Points
9 Posts
Re: Unique Session between IE7 Tabs
Jun 18, 2010 11:09 AM|LINK
Hi deepa,
You need to store it in the DataBase with the column "SessionID","UserID","IsAlive". Given column fiels is just assumption , its upto your choice how you want your table structures to be. With above field you can keep track of the session that is alive for the logged in user, if that user logs out, set IsActive column to 0. so that next time when you do select operation on the above table to get Session that is alive for logged in User you can get those session that is alive with the value 1 in the IsAlive column.
Regards,
yasir.
antelux
Member
4 Points
2 Posts
Re: Unique Session between IE7 Tabs
Dec 01, 2010 08:10 PM|LINK
I was trying to use this approach and use a combination of GUID and User Name to work as 'strID. Now my problem is how do I retain this value between pages - cant rely on session since we are doing this to address an issue with session state.
yasir.kamal
Member
28 Points
9 Posts
Re: Unique Session between IE7 Tabs
Dec 02, 2010 12:23 PM|LINK
Hi,
If you dont want to rely on Session then the only way is to use query string to get value what you expecting accross pages.
Set on while redirecting to the other pages e.g
../UI/test.aspx?strID="+ GUID;
Then use Request.QueryString["strID"] to get value in the test.aspx.cs page load.
Yasir.
kratos_Vimal
Contributor
3744 Points
960 Posts
Re: Unique Session between IE7 Tabs
Dec 02, 2010 03:55 PM|LINK
in web config what is your authentication mode is it
1.windows
2.forms
Vimal