We have an ASP.NET 4.0 application that is using forms authentication and state server for session state. We also have an ASP.NET 1.1 application hosted on the same server that is configured to use forms authentication and the state service. Both application
are configured to use the same cookie for holding the session id.
The 4.0 application loads a mixture of 4.0 and 1.1 pages into an iframe. The outer shell of the application is the 4.0 application i.e. it manages the header with menus and a left slide out page that allows further access to 1.1/4.0 pages within the application.
Our problems began after we deployed 3 servers hosting the application using round robin dns for load balancing and users started experiencing sessions ending at variable times resulting in data loss from pages that had not been posted back.
Is sharing the same cookie for session id between the two application a problem? Should we configure the state service to use a different cookie for the 1.1 and 4.0 applications on each server.
We are using the state server on each of the servers to manage the state for users connecting to that machine.
We have session state set to timeout after 120 minutes (a fairly long time) in most instances the session is timing out before 2 hours have ellapsed.
Additionally we have 2 iframes in the header of the site that are updated each with a 1.1 and 4.0 page in order to keep each session alive if the user is on an input screen.
I believe on shared environment you arent allowed to use session as it will impact on other sites on that server. Plesae use cookies as the alternative.
sboddy
0 Points
2 Posts
>ASP.NET 4.0 sharing session id with an ASP.NET 1.1 application
May 11, 2012 06:51 PM|LINK
We have an ASP.NET 4.0 application that is using forms authentication and state server for session state. We also have an ASP.NET 1.1 application hosted on the same server that is configured to use forms authentication and the state service. Both application are configured to use the same cookie for holding the session id.
The 4.0 application loads a mixture of 4.0 and 1.1 pages into an iframe. The outer shell of the application is the 4.0 application i.e. it manages the header with menus and a left slide out page that allows further access to 1.1/4.0 pages within the application.
Our problems began after we deployed 3 servers hosting the application using round robin dns for load balancing and users started experiencing sessions ending at variable times resulting in data loss from pages that had not been posted back.
Is sharing the same cookie for session id between the two application a problem? Should we configure the state service to use a different cookie for the 1.1 and 4.0 applications on each server.
We are using the state server on each of the servers to manage the state for users connecting to that machine.
We have session state set to timeout after 120 minutes (a fairly long time) in most instances the session is timing out before 2 hours have ellapsed.
Additionally we have 2 iframes in the header of the site that are updated each with a 1.1 and 4.0 page in order to keep each session alive if the user is on an input screen.
The servers are running windows 2008 r2.
dotnetnerd
Contributor
2614 Points
587 Posts
Re: >ASP.NET 4.0 sharing session id with an ASP.NET 1.1 application
May 14, 2012 03:52 AM|LINK
Hi sboddy,
I believe on shared environment you arent allowed to use session as it will impact on other sites on that server. Plesae use cookies as the alternative.
Windows ASP.NET Hosting | Reseller Hosting | Cloud Hosting
FightAsABull
Contributor
2228 Points
424 Posts
Re: >ASP.NET 4.0 sharing session id with an ASP.NET 1.1 application
May 15, 2012 07:11 AM|LINK
Hi, please use different cookie for session id between the two application