Inline ASPX Session not working

Question

User-253935570 posted

I've been assigned the task of quickly converting a ton of old ASP apps to INLINE Aspx.net apps. The conversion was going smoothly till I ran into a snag with session variables. They work perfectly in the old ASP app, and they also work perfectly on my developer version of IIS at home, but they don't work on our server farm at work running IIS 7.

Really simple example:

Page1.aspx

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<%@ Page Language="VB" Debug="true" Strict="false" AspCompat="true" EnableViewState="true"%>
<%@ Import Namespace="System.Web.Configuration" %>
<%
Session("junk") = "HELLO THERE"
response.write ("session variable set to " & Session("junk"))
%>

----------------------------------

Outputs "session variable set to HELLO THERE" on my IIS at home and at work

------------------------------------

After setting the session variable by running page1.aspx I now run this page:

Page2.aspx

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<%@ Page Language="VB" Debug="true" Strict="false" AspCompat="true" EnableViewState="true"%>
<%@ Import Namespace="System.Web.Configuration" %>
<%
response.write("The session variable is still " & Session("junk"))
%>

-------------------------------------

This works on my IIS at home but not at work.

Here's the web config. Note: None of my inline Aspx.net apps are using a code behind but are reading from a web.config.

Here's the web.config:

-------------------------------------

<configuration>
   <appSettings>
      <add key="tablestuff" value="180.00|160.00|140.00|120.00|100.00|80.00|60.00|40.00|20.00#"/>
   </appSettings>
   <system.web>
        <customErrors mode="Off"/>
        <compilation debug="true"/>
    </system.web>
</configuration>

What could cause it not to pass the session variable from page1.aspx to page2.aspx? Am I not calling something right? Could it be the browser not allowing cookies?

Answer 1

User281315223 posted

If you are attempting to use the Session within a server farm environment, they are likely going to act quite differently than running on a single server. You might want to take a look at this related Stack Overflow discussion which recommends the use of "StickySessions" or AppFabric to manage your Session contents. This other article on Managing Session States within Web Farms might be a solid resource as well.

Is there any particular reason that you are using the Session? Could you use something like the PageState, ViewState, HiddenFields, static variables or basic forms-behavior (e.g. submitting with postbacks) to pass along your variables? This is just a suggestion as the Session can be bad news if it's used to store large amounts of data as it's going to use resources from the server(s) for each user of the application (which might not seem like a problem, but if you have a large number of users, it could become one).

Answer 2

User1013750657 posted

yeps, agree. I only found it necessary to use session on one trick I have to do regarding fileupload.

I always use viewstate. viewstate is fantastic. of course there will be times when you come across certain cenarios where viewstate is so big the it simple doesn't work because file will be gigantic to go across network.

This has a fantastic solution on which I implement on a class and derive all my forms from it solving any of this issues.

ASP.net forms have this 2 methods that can be overridden:

SavePageStateToPersistenceMedium

LoadPageStateFromPersistenceMedium

which by the name you might have guessed, allows you to save viewstate to anywhere else instead of the form it self.

http://msdn.microsoft.com/en-us/library/system.web.ui.page.savepagestatetopersistencemedium(v=vs.110).aspx

http://msdn.microsoft.com/en-us/library/system.web.ui.page.loadpagestatefrompersistencemedium(v=vs.110).aspx

good luck

Answer 3

User-253935570 posted

Since nobody suggested a solution to the actual problem I asked, I ended up figuring it out myself. ASPX inline coding will inherit any web.config file settings in the root directory. Someone had placed a web.config in the root directory with SSLOnly enabled even though my application web.config (not in the root directory) didn't use that setting. This had the effect of stopping my session cookies from working unless the page was displayed with HTTPS. The solution was to add a line to my application web.config specifying SSLOnly set to false to override the root directory web.config. This behavior only happens in INLINE ASPX apps without a code behind.