I have a pdf and few plain html files in a folder under an asp.net application. The files have some links to different application areas. When a user directly access these files (assume they are clicking from an email) which are not server side files, will
a new session be created? I think a new session will be created though it is an html file and later an aspx page can check for the session cookie. My intention is to find the referrer is a pdf file in an aspx page and also check whether the session cookie
available on the users computer. Any comments?
Thanks for the clarification. Though the session is created, I wont be able to depend on the session id. In asp.net 2.0, there is a change where a new session id is created when the session is accessed. So, I don't think I can reply on the session id between
the time when the pdf file is accessed to a page where the session object is accessed for the first time.
Actually, a session might not be created. For files that ASP.NET doesn't process, such as HTML files, IIS serves these directly and may not instantiate the ASP.NET pipeline at all, therefore you might not get any session. You can easily test this by using
the Session_Start event in global.aspx; just write something to a log file when the session starts, then access the html/pdf file.
If you use IIS 6/7 - Classic Mode, then it won't create Session! In this case, only registered handler(.aspx, .ascx etc.,) requests will pass through the ASP.NET pipeline!
If you use IIS7/7.5 - Integrated Mode, then it may create session! In this case, all requests will pass through the ASP.NET pipeline! ie., including all Static files!
The session id behavior where a new session id is created after the first access to a session variable is a asp.net 2.0 change. I'm wondering is there a setting to keep the session id the same throughout the session.
Store some data in Session, so that it will be Unique for the entire session in ASP.NET 2.0!
If you didn't store any data and if you simply call Session.SessionID, then it will create unique ID for every call to it! Inorder to have a unique session id for the entire session, store some data!
castlehills
Member
259 Points
171 Posts
When will a session be created?
Feb 17, 2012 04:57 PM|LINK
I have a pdf and few plain html files in a folder under an asp.net application. The files have some links to different application areas. When a user directly access these files (assume they are clicking from an email) which are not server side files, will a new session be created? I think a new session will be created though it is an html file and later an aspx page can check for the session cookie. My intention is to find the referrer is a pdf file in an aspx page and also check whether the session cookie available on the users computer. Any comments?
Muhammad Fak...
Contributor
2268 Points
511 Posts
Re: When will a session be created?
Feb 17, 2012 05:14 PM|LINK
Dear,
ASP.Net creates a session in the first Http request to the web site, whatever, it is Html page or even a picture.
You can check that by putting a breakpoint in the Session_OnStart method in the global.asax file and see what will happend
For undestanding more the .asax file, please see that http://msdn.microsoft.com/en-us/library/szzd570s(v=vs.71).aspx
If you feel it helps, Mark as answered so that it can help others to find solution.
For Any further questions, please contact me.
castlehills
Member
259 Points
171 Posts
Re: When will a session be created?
Feb 17, 2012 07:44 PM|LINK
Thanks for the clarification. Though the session is created, I wont be able to depend on the session id. In asp.net 2.0, there is a change where a new session id is created when the session is accessed. So, I don't think I can reply on the session id between the time when the pdf file is accessed to a page where the session object is accessed for the first time.
Muhammad Fak...
Contributor
2268 Points
511 Posts
Re: When will a session be created?
Feb 18, 2012 04:11 AM|LINK
I think this is not right a new session id is created when the session is accessed,
as the session object is created once in the first request, then you can access it as you want, untill it is timed out after the user idle time
If you feel it helps, Mark as answered so that it can help others to find solution.
For Any further questions, please contact me.
Dave Sussman
All-Star
37716 Points
5005 Posts
ASPInsiders
MVP
Re: When will a session be created?
Feb 20, 2012 07:47 AM|LINK
Actually, a session might not be created. For files that ASP.NET doesn't process, such as HTML files, IIS serves these directly and may not instantiate the ASP.NET pipeline at all, therefore you might not get any session. You can easily test this by using the Session_Start event in global.aspx; just write something to a log file when the session starts, then access the html/pdf file.
If you want to ensure that a session is started, then you need to map those files to the ASP.NET process. See http://stackoverflow.com/questions/5178033/how-to-deny-access-to-a-file-with-asp-net-web-config-but-not-just-locally - the long answer at the end shows how to do the mapping in IIS.
roopeshreddy
All-Star
20143 Points
3327 Posts
Re: When will a session be created?
Feb 21, 2012 02:57 PM|LINK
Hi,
I think it depends on the IIS Server!
If you use IIS 6/7 - Classic Mode, then it won't create Session! In this case, only registered handler(.aspx, .ascx etc.,) requests will pass through the ASP.NET pipeline!
If you use IIS7/7.5 - Integrated Mode, then it may create session! In this case, all requests will pass through the ASP.NET pipeline! ie., including all Static files!
Hope it helps u...
Roopesh Reddy C
Roopesh's Space
castlehills
Member
259 Points
171 Posts
Re: When will a session be created?
Feb 21, 2012 04:00 PM|LINK
I'm using 7.5.
The session id behavior where a new session id is created after the first access to a session variable is a asp.net 2.0 change. I'm wondering is there a setting to keep the session id the same throughout the session.
roopeshreddy
All-Star
20143 Points
3327 Posts
Re: When will a session be created?
Feb 21, 2012 04:06 PM|LINK
Hi,
Store some data in Session, so that it will be Unique for the entire session in ASP.NET 2.0!
If you didn't store any data and if you simply call Session.SessionID, then it will create unique ID for every call to it! Inorder to have a unique session id for the entire session, store some data!
Hope it helps u...
Roopesh Reddy C
Roopesh's Space