Last post Dec 26, 2019 02:33 AM by Brando ZWZ
Dec 19, 2019 11:59 AM|anp123|LINK
There is a pay.aspx page in the website, through which I am sending the encrypted request to payment gateway. I am also setting the Session variable on the pay.aspx page. In the response page in the website , I am decrypting the request and comparing
the Session Variable set in the pay.aspx to the decrypted response variable. But in Response page, I am getting the same Session variable with null value with a different thread ID. I have also set
<sessionState mode="InProc" timeout="20"></sessionState> in web.config. What should I do so that session variable value is not lost after round trip of the payment gateway whose url is outside of the website.
Dec 19, 2019 12:14 PM|PatriceSc|LINK
You asked a question recently about a redirection problem during a payment? Might be the same issue ie if the "response" page (this is a the "webhook" feature for your payment provider?) is called directly by the 3rd party payment server rather than by the
user browser it is expected that you won't have the same browser session id as it comes from an entirely different source.
Make sure to understand first from where comes each http request during this payment flow.
Dec 19, 2019 01:10 PM|deepalgorithm|LINK
Are you using a web farm/cluster? If so one request can go to one server and the next is routed to another through some kind of load balancing. Hard to really say without knowing your architecture. It could also be that the original request is lost when
it gets sent to the payment gateway.
Maintain a dictionary or some other data structure with the SessionID and value. Perhaps a static dictionary or distributed cache like Redis.
Dec 26, 2019 02:33 AM|Brando ZWZ|LINK
As far as I know, the IIS will not changed the thread id when hosting. I guess you may enabled web farm in your IIS. To solve this issue, you should use the sql server session provider or redis provider instead of the InProc.
The inproc will store the session into the memory.
More details about how to use the sql server session provider or redis provider, you could refer to below article: