Crossing values of Session variables

Question

User-1324047654 posted

Hi all,

We are working in a web application using Session variables to store the clients ID to operate with them in all app (making orders, reports, etc....) but randomly users get the client ID of another user in any moment using the application.

I have tried to solve it in a first step adding to system.web section in the web.config file this:

<httpRuntime enableKernelOutputCache="false"/>

No changes after this. I have tried another possible solution, changing the SessionState to StateServer:

<sessionState timeout="30" mode="StateServer" stateConnectionString="tcpip=127.0.0.1:42424"></sessionState>

ASP.NET State Service is running in server normally, It began run just before this last change, but we have not solved the problem either with this solution.

The server is Windows Server 2003 Standard Edition SP2 32bits running IIS 6.0, and the application is made with Framework 2.0

Are we doing wrong or forget something?

Thanks

Answer 1

User-1324047654 posted

I forget this, users and servers are all in LAN, ASP.NET State Service is running in same server than IIS, and a question, Do I need create the machineKey in the web.config file?

Answer 2

User-1383778792 posted

Please see this

http://www.codeproject.com/KB/aspnet/ExploringSession.aspx

Answer 3

User-1324047654 posted

I have done all this guide says for StateServer mode, but users continue crossing data in sessions.

Answer 4

User-1383778792 posted

Sory 4 late reply.

Ya men please explain what u want to do. Is session variable replace values or not saving? 

Answer 5

User-1716504741 posted

Have you tried using Recycle your Virtual directory ..just goto your aplication pool and right click and recycle it ....

its may be because your worker process is not recycled

 

 

Answer 6

User384031199 posted

How did you check to see if the session values are interchanged or shared between users?

Did you test both the user accounts in the same client machine? I mean by opening two browsers in the same system? And are you using IE8 or FF 3.5 and above?

If all the above are true, you experience one of the features of the newer versions of the browsers - "Session sharing" across multiple windows.

References:

http://social.msdn.microsoft.com/Forums/en-US/iewebdevelopment/thread/52f6b8a6-09b1-4eb1-80c5-477d5199e4a4

http://www.vistaheads.com/forums/microsoft-public-internetexplorer-general/346079-ie-8-release-version-sharing-session-cookies-across-browsers.html

Answer 7

User-1324047654 posted

Sory 4 late reply.

Ya men please explain what u want to do. Is session variable replace values or not saving? 

The problem is replacing values with others users sessions values, randomly.

Answer 8

User-1324047654 posted

Have you tried using Recycle your Virtual directory ..just goto your aplication pool and right click and recycle it ....

its may be because your worker process is not recycled

We havent tried it, we are going to try today

Answer 9

User-1324047654 posted

How did you check to see if the session values are interchanged or shared between users?

Because they call me and say "Now I have the values of my colleague"

Did you test both the user accounts in the same client machine? I mean by opening two browsers in the same system?

No

And are you using IE8 or FF 3.5 and above?

All users with IE8

If all the above are true, you experience one of the features of the newer versions of the browsers - "Session sharing" across multiple windows.

References:

http://social.msdn.microsoft.com/Forums/en-US/iewebdevelopment/thread/52f6b8a6-09b1-4eb1-80c5-477d5199e4a4

http://www.vistaheads.com/forums/microsoft-public-internetexplorer-general/346079-ie-8-release-version-sharing-session-cookies-across-browsers.html

I going to check now

Answer 10

User-1324047654 posted

How did you check to see if the session values are interchanged or shared between users?

Did you test both the user accounts in the same client machine? I mean by opening two browsers in the same system? And are you using IE8 or FF 3.5 and above?

If all the above are true, you experience one of the features of the newer versions of the browsers - "Session sharing" across multiple windows.

References:

http://social.msdn.microsoft.com/Forums/en-US/iewebdevelopment/thread/52f6b8a6-09b1-4eb1-80c5-477d5199e4a4

http://www.vistaheads.com/forums/microsoft-public-internetexplorer-general/346079-ie-8-release-version-sharing-session-cookies-across-browsers.html

Users doesnt share values between browsers in theirs own pc, each user open 1 browser for app (IE8) and share sessions values randomly with another users of app in LAN

Answer 11

User-1324047654 posted

Have you tried using Recycle your Virtual directory ..just goto your aplication pool and right click and recycle it ....

its may be because your worker process is not recycled

Can this be the problem using StateServer mode for this app?

Answer 12

User-1324047654 posted

Anyone thinks anything about it?

Answer 13

User1119262645 posted

Hi,

We also facing the same session values sharing among different users randomly.

Please post the solution if any one found or already solved the same.

Answer 14

User753101303 posted

Hi,

In most if not all cases I've seen this is because static data are used and possibly stored inside the session. The first step is to check the SessionID. If you see distinct values it would confirm that the problem is not that the same session is used for multiple users but that you end up in storing the same values inside distinct sessions.

Watch out for static (or shared in VB) variables.