Share sessions between asp.net web applications using State Server RRS feed

  • Question

  • User1763172376 posted

    I have two web applications hosted in two different virtual directories like  (http://localhost/abc/default.aspx) and (http://localhost/xyz/default.aspx). In case of custom or Sql server Session mode, session variables are successfully shared between these application (ASP.NET_SessionId is same for the two applications) , but in State server, sessions are lost. Machine keys are same for both. I have checked that ASP.NET_SessionId is different for these two web applications.  I have checked that ASP.NET_SessionId is same for these two web applications.  

    Web applications can store own session variables using the ASP.NET State Service.

    Is it possible to use ASP.NET StateService for session sharing between these applications ? 

    Sunday, January 15, 2012 11:50 PM

All replies

  • User1763172376 posted

    In case AspNetSqlMembershipProvider, we can specify the applicationName.

    <sessionState mode="StateServer" stateNetworkTimeout="30" stateConnectionString="tcpip=X.X.X.X:42424">     

    There is no option for applicationName. How do i set the applicationName for session state?

    Monday, January 16, 2012 6:37 AM
  • User-481631678 posted

    Applications are identified through machine key in state server. e.g.


    If you use same machine key in multiple application then session will be shared

    Monday, January 16, 2012 9:01 AM
  • User1763172376 posted

    Thanks for ur replies.

    ASP.NET_SessionId is same for the two applications.

    I have already mentioned that Machine keys are same for both the applications.

    Monday, January 16, 2012 9:48 AM
  • User612574037 posted


    When you use StateServer session state mode it may lost when your application in a load balanced Web farm environment. The application path of the Web site in the IIS metabase must be the same for all web servers in web farm.

    You can refer to the below link for more details.


    Wednesday, January 18, 2012 4:51 AM
  • User1763172376 posted

    Thanks for ur reply.

    I got ur point, but in my scenario there are two applications. (No Web Farm). First, web application (localhost/abc/login.aspx) is used for login and user management, and the second web application (localhost/xyz/module1.aspx) is for another module like Stock Management. I want to share sessions between these two application. I can manage this session sharing using SQL /custom State mode.

    But is it possible to share session using StateServer mode ? 

    Machine keys are same for both. I have checked that ASP.NET_SessionId is same for these two web applications. But for a session say Session["test"], values are different from these two applications.


    Wednesday, January 18, 2012 5:01 AM
  • User-1002157272 posted

    hey there. I think state server sessions are domain-specific. I know there has to be some sort of workaround as many sites do use this but I'm not aware of it myself.

    Thursday, January 19, 2012 10:40 AM
  • User-1381440499 posted

    have u solved this issue???

    i am also facing the same issue , can u guide me how did you solved it and how r u chking the session id in the xyz because it throws an error while retriving the session value and it says "object reference not set...."...

    please help

    Monday, February 6, 2012 6:25 AM
  • User1763172376 posted

    Hey guys .......... please confirm me whether it is possible or not ???????? CoolSurprised

    Friday, March 2, 2012 5:34 AM
  • User-1002157272 posted

    I think this would depend on the "brand" of state server being used. Im sure it's possible with some. Sessions are meant to be treated as domain-specific so in normal circumstances it isn't possible without creating some kind of work-around manually.

    One solution might be to force user's to login on only one of the applications (such as the "xyz" example you provided above).

    If an unauthenticated user navigates to the "abc" app, redirect to the "xyz" app's login. If a user is authenticated in app "xyz" and they navigate to app "abc", pass along a heavily protected variable containing the an identifier for the user, and upon landing at "abc" app, perform a quick validation of the variable that has been passed to make sure it's valid, then use it to perform an automatic login for the 2nd app. 

    Sounds confusing maybe but it would be pretty simple to set up.

    A simpler solution would be to use a shared id system like OpenAuth or WindowsLive but well, not very secure for something dealing in finances and stock options lol.

    Would the soltion I provided above be feasable for you?

    Tuesday, March 6, 2012 2:15 AM
  • User1534372712 posted

    Hi, i have similar problem have you got solution,if yes then please inform me , i need that solution

    thanks in advance

    Tuesday, March 13, 2012 4:06 AM
  • User-1542426967 posted


    I also have the exact problem like yours.

    I also can't find the way on how to set application name (or application path) for two sites to share sessions with using StateServer mode.

    For link that Qi Wu - MSFT provided, http://support.microsoft.com/kb/325056, I failed to test it.

    Have you got the way to set it or any other solutions of the problem?

    Monday, August 20, 2012 1:29 AM
  • User-1002157272 posted

    Just a followup for ths thread since I noticed it is still unanswered. Short answer is no, this is not possible with default asp.net state service.

    Session state can be shared in a web-farm environment when configuration is handled properly because each server is still treated as the same virtual path.

    However, to do this in the scenario described by the original poster's question, it will not work with asp.net's default state service providers.

    The reason is because, as with membership providers, the session provider takes a application name property aswell. However, this value does not get specified in a configuration section like other providers. Instead, it takes the virtual path of the application's root. Since you have 2 different applications in 2 different virtual directories, the path provided will be different for both, therefore, making sessions unsharable.

    Hope this clears up questions for the people in this thread.

    Monday, August 20, 2012 8:51 PM
  • User-1542426967 posted

    Thanks magicmike2011's comment!

    As http://msdn.microsoft.com/en-us/library/ms178586.aspx stated, StateServer makes session state available to multiple Web servers in a Web farm. Do you think it is only accessible among servers in the web farm, but not sharing sessions among them (even make some tricky means to do so)?

    I have search for this solution over two weeks, and still can't get the result.

    For SQLServer, I have done the following two steps:

    1. Set the application name for sqlConnectionString. in Web.Config for two web sites project.

    <sessionState mode="SQLServer"
    sqlConnectionString="data source=localhost;user id=u;password=p;application name=app"

    2. Modified SP (TempGetAppID) in DB (ASPState), to get the same application name (app).

    DECLARE @connStrAppName nvarchar(50)
    SET @connStrAppName = APP_NAME()
    IF (@connStrAppName <> '.NET SQLClient Data Provider')
    SET @appName = @connStrAppName

    Reference: http://forums.asp.net/t/1814547.aspx/1


    It worked to share session ID with  the same application name.

    However, my supervisor wants to use StateServer to share session, instead of using SQLServer.

    But here also comes a question for SQLServer:

    Q: The record to be inserted into ASPStateTempApplications was sometimes missing. Does anyone know why and how to solve it?


    Monday, August 20, 2012 9:45 PM
  • User-1542426967 posted

    In ASPState database, ASPStateTempApplications table has AppName field.

    When two applications login, there are two newly created rows.

    For AppName field, the value is Meta path for the web application seperately.

    For example:

    Web Application (1): /lm/w3svc/1/root/app1

    Web Application (2): /lm/w3svc/1/root/app2

    Does anyone know how to change the meta path for two applications to be the same, so that the session can be shared across two web applications?

    Friday, September 14, 2012 12:18 AM