3. I published my VS2010 project to my LocalHost as a true web site
http://mySessionState.Test. My desktop has Windows 7 64Bits. Witj IIS-7.x installed.
4. I fired up two separate MSIE instances on the same PC. Each with a CreateUserWizard control. In my CreateUserWizard control, I coded the following EventHandler:
6. When I clicked Finish button from the CreateUserWizard control on both MSIE instances (one right after another), I received the same Session ID (yes: same SID). Why?
I read somewhere that each instance of MSIE that a user fires up, the web server would create a unique Session ID just for that very instance. And that the original SID would remain until one exits the web browser (using X to end the MSIE process as example). But
in my case it did not. It uses the same SID on both separate instances on the same PC.
7. Why am I concern? Because I use Session ID as Unique ID to identify Session state values so that people donot get data from each others. By using Session ID, only my browser session would get them!
For example: Session[Session.SessionID+LogonID.Text]=LogonID.Text; This way the logon ID would belong to only one user based on his/her Session ID.
The
SessionID property is used to uniquely identify a browser with session data on the server. The SessionID value is randomly generated by ASP.NET and stored in a non-expiring session cookie in the
browser. The SessionID value is then sent in a cookie with each request to the ASP.NET application.
You use the same browser, So the SessionID are the same.
Try to use a IE and a chrome, the Session ID will diffrent.
Thanks for your response. No, it is not quite true. You may wish to open as many MSIE instances on your desktop PC as you want. And I just openned two instances (under Windows 7), each gave me a different Session ID against the same application in the same
PC undwer IIS 6.1 (Win 7). However, when I clicked to advance to next page of each instance, then one right after another, both instances gave me the same Session ID of the 2nd instance. As a result the 1st instance got the data from the 2nd instance instead
of its own because IIS 6.x gave it to the 1st one. So I do think it is a bug. Though I have not tested on a true remote (separate) IIS server yet.
If you like and have sometimes, create a simple website (Localhost) with 2 pages. The Login page and a default page. Display Session ID and session states in each page at Page_Load time to see what you get.
In summary, it is not consistent, some times I opened 2 instances of MSIE and each got its own Session ID from the 1st time, some other times not (both got same SID).
I would like to not worry of that! We are an internet shop. Certainly telling Internet clients click File/New session and others mind-boggling things is not in my mind! And yes, an average Joe and Mary out there will not remember it!
rBlohm
Member
18 Points
13 Posts
Question about "Unique Session ID" per Browser instance.
Feb 12, 2012 04:03 PM|LINK
1. I am using .Net Framework 4.x
I am using SQL Server 2008 Standard Edition to serve as Session State service.
I am running VS2010.
Iam running MSIE version 9.x
2. I created the web site (http://mySessionState.Test) using Win 7/IIS-7.x
3. I published my VS2010 project to my LocalHost as a true web site http://mySessionState.Test. My desktop has Windows 7 64Bits. Witj IIS-7.x installed.
4. I fired up two separate MSIE instances on the same PC. Each with a CreateUserWizard control. In my CreateUserWizard control, I coded the following EventHandler:
protected void RegisterUser_CreatedUser(object sender, EventArgs e)
{
Session["CreatedUser"]=RegisterUser.UserName+"; SID="+Session.SessionID;
Response.Redirect("~/ViewMySession.aspx",true);
}
5. In ViewMySession.aspx page I coded the following EventHandler to examine my SessionID and its Session State value:
protected void Page_Load(object sender, EventArgs e)
{
LabelSID.Text=Session["CreatedUser"]+"; "+Session.SessionID;
}
6. When I clicked Finish button from the CreateUserWizard control on both MSIE instances (one right after another), I received the same Session ID (yes: same SID). Why?
I read somewhere that each instance of MSIE that a user fires up, the web server would create a unique Session ID just for that very instance. And that the original SID would remain until one exits the web browser (using X to end the MSIE process as example). But in my case it did not. It uses the same SID on both separate instances on the same PC.
7. Why am I concern? Because I use Session ID as Unique ID to identify Session state values so that people donot get data from each others. By using Session ID, only my browser session would get them!
For example: Session[Session.SessionID+LogonID.Text]=LogonID.Text; This way the logon ID would belong to only one user based on his/her Session ID.
Thanks for your help.
Robert
Dino He - MS...
Star
8068 Points
1023 Posts
Microsoft
Re: Question about "Unique Session ID" per Browser instance.
Feb 14, 2012 07:26 AM|LINK
Hi
The SessionID property is used to uniquely identify a browser with session data on the server. The SessionID value is randomly generated by ASP.NET and stored in a non-expiring session cookie in the browser. The SessionID value is then sent in a cookie with each request to the ASP.NET application.
You use the same browser, So the SessionID are the same.
Try to use a IE and a chrome, the Session ID will diffrent.
I have try it on my computer.
IE:bgssvl2vbe03ph4cpbzatxfq
Opera:trnxerbagvhu4g4aqylhbabv
You can see diffrent browser diffrent ID.
Hope it helpful.
If you have any feedback about my replies, please contact msdnmg@microsoft.com
Microsoft One Code Framework
roopeshreddy
All-Star
20143 Points
3327 Posts
Re: Question about "Unique Session ID" per Browser instance.
Feb 14, 2012 01:15 PM|LINK
Hi,
If you want different SessionID, then try File -> New Session in Internet Explorer!
Hope it helps u...
Roopesh Reddy C
Roopesh's Space
rBlohm
Member
18 Points
13 Posts
Re: Question about "Unique Session ID" per Browser instance.
Feb 14, 2012 07:39 PM|LINK
Thanks for your response. No, it is not quite true. You may wish to open as many MSIE instances on your desktop PC as you want. And I just openned two instances (under Windows 7), each gave me a different Session ID against the same application in the same PC undwer IIS 6.1 (Win 7). However, when I clicked to advance to next page of each instance, then one right after another, both instances gave me the same Session ID of the 2nd instance. As a result the 1st instance got the data from the 2nd instance instead of its own because IIS 6.x gave it to the 1st one. So I do think it is a bug. Though I have not tested on a true remote (separate) IIS server yet.
If you like and have sometimes, create a simple website (Localhost) with 2 pages. The Login page and a default page. Display Session ID and session states in each page at Page_Load time to see what you get.
In summary, it is not consistent, some times I opened 2 instances of MSIE and each got its own Session ID from the 1st time, some other times not (both got same SID).
It could be a bug! A serious one.
Have good time!
Robert
rBlohm
Member
18 Points
13 Posts
Re: Question about "Unique Session ID" per Browser instance.
Feb 14, 2012 07:46 PM|LINK
I would like to not worry of that! We are an internet shop. Certainly telling Internet clients click File/New session and others mind-boggling things is not in my mind! And yes, an average Joe and Mary out there will not remember it!
Robert