ASP Sessions

Discussion in 'ASP General' started by strycat@gmail.com, Feb 16, 2005.

  1. Guest

    Hello,

    I've got two different sets of ASP scripts on my server. Each set is
    kept in their own directory. Both sets of scripts use sessions. I
    want to make sure that the sessions are not accidentially shared
    between the two sets as they are both different applications.

    Right now I'm having a problem when I do a Session.Abandon from one set
    of scripts it also kills the session for the other set of scripts (I
    believe they are both using the exact same session). Is there some way
    I can make sure this doesn't happen?

    Thanks,

    -Tom
     
    , Feb 16, 2005
    #1
    1. Advertising

  2. Evertjan. Guest

    wrote on 16 feb 2005 in microsoft.public.inetserver.asp.general:
    > I've got two different sets of ASP scripts on my server. Each set is
    > kept in their own directory. Both sets of scripts use sessions. I
    > want to make sure that the sessions are not accidentially shared
    > between the two sets as they are both different applications.


    I don't know about what you call an application, but you certainly have a
    single session, so the session variables are shared.


    > Right now I'm having a problem when I do a Session.Abandon from one set
    > of scripts it also kills the session for the other set of scripts


    No, you have only one session, it shows.

    > (I believe they are both using the exact same session).


    Why would they use different sessions?

    As long as they are in the same domain, they share the same session-id
    cookie.

    > Is there some way I can make sure this doesn't happen?


    There is no reason why a session would be different in different
    directories of the same domain. Browsers will only return a different
    session-id, if the domain is different.

    So use different domains.

    --
    Evertjan.
    The Netherlands.
    (Replace all crosses with dots in my emailaddress)
     
    Evertjan., Feb 16, 2005
    #2
    1. Advertising

  3. Tom Cat Guest

    Evertjan. wrote:
    > wrote on 16 feb 2005 in microsoft.public.inetserver.asp.general:
    > > I've got two different sets of ASP scripts on my server. Each set

    is
    > > kept in their own directory. Both sets of scripts use sessions. I
    > > want to make sure that the sessions are not accidentially shared
    > > between the two sets as they are both different applications.

    >
    > I don't know about what you call an application, but you certainly

    have a
    > single session, so the session variables are shared.
    >


    Each set of scripts is a different application.

    > > (I believe they are both using the exact same session).

    >
    > Why would they use different sessions?
    >


    Because they are different applications.

    > There is no reason why a session would be different in different
    > directories of the same domain. Browsers will only return a different


    > session-id, if the domain is different.
    >
    > So use different domains.


    This isn't an option. Are there any other workarounds for this
    behavior?
     
    Tom Cat, Feb 16, 2005
    #3
  4. Evertjan. Guest

    Tom Cat wrote on 16 feb 2005 in microsoft.public.inetserver.asp.general:

    > Evertjan. wrote:
    >> wrote on 16 feb 2005 in microsoft.public.inetserver.asp.general:
    >> > I've got two different sets of ASP scripts on my server. Each set

    > is
    >> > kept in their own directory. Both sets of scripts use sessions. I
    >> > want to make sure that the sessions are not accidentially shared
    >> > between the two sets as they are both different applications.

    >>
    >> I don't know about what you call an application, but you certainly

    > have a
    >> single session, so the session variables are shared.
    >>

    >
    > Each set of scripts is a different application.


    Application is only a word, unless you explain that in asp terms.

    Perhaps you think of visual basic applications,
    but that does not mean a thing under asp, not even under asp/vbscript.

    >> > (I believe they are both using the exact same session).

    >>
    >> Why would they use different sessions?
    >>

    >
    > Because they are different applications.


    No, as I showed you, sessions are only devided
    by different asp-servers or different domains.

    >> There is no reason why a session would be different in different
    >> directories of the same domain. Browsers will only return a different

    >
    >> session-id, if the domain is different.
    >>
    >> So use different domains.

    >
    > This isn't an option. Are there any other workarounds for this
    > behavior?


    Sure: you start with the wrong idea's.

    Programming is all about having it your way by making smart code,
    not by wanting the engine to have different behavour than you wished for.

    So you could rename all session variables from application 1
    by appending -A1 to the name and the other by appending -A2.

    There are however miriads of other possiblilities.

    --
    Evertjan.
    The Netherlands.
    (Replace all crosses with dots in my emailaddress)
     
    Evertjan., Feb 16, 2005
    #4
  5. wrote:
    > I've got two different sets of ASP scripts on my server. Each set is
    > kept in their own directory. Both sets of scripts use sessions. I
    > want to make sure that the sessions are not accidentially shared
    > between the two sets as they are both different applications.


    Not sure I understand this one. If you are concerned about one application
    stepping on another's variables you can resort to meaningful naming.
    Otherwise, what exactly is the point?



    > Right now I'm having a problem when I do a Session.Abandon from one
    > set of scripts it also kills the session for the other set of scripts
    > (I believe they are both using the exact same session). Is there
    > some way I can make sure this doesn't happen?


    Build your own session architecture with a DB backend, perhaps? We actually
    do this in order to BROADEN our session scope (span servers), but I suppose
    it could be used to NARROW that scope.


    --
    Dave Anderson

    Unsolicited commercial email will be read at a cost of $500 per message. Use
    of this email address implies consent to these terms. Please do not contact
    me directly or ask me to contact you directly for assistance. If your
    question is worth asking, it's worth posting.
     
    Dave Anderson, Feb 16, 2005
    #5
  6. Mark Schupp Guest

    In IIS administrator right-click on each directory and select properties.
    On the "directory" tab click on the "Create" button this will make that
    directory a separate "application" for IIS and ASP will create a separate
    session for that directory.

    The icon in IIS administrator should change from a folder to a box with an
    activeX ball in it.

    --
    --Mark Schupp
    Head of Development
    Integrity eLearning
    www.ielearning.com

    <> wrote in message
    news:...
    > Hello,
    >
    > I've got two different sets of ASP scripts on my server. Each set is
    > kept in their own directory. Both sets of scripts use sessions. I
    > want to make sure that the sessions are not accidentially shared
    > between the two sets as they are both different applications.
    >
    > Right now I'm having a problem when I do a Session.Abandon from one set
    > of scripts it also kills the session for the other set of scripts (I
    > believe they are both using the exact same session). Is there some way
    > I can make sure this doesn't happen?
    >
    > Thanks,
    >
    > -Tom
    >
     
    Mark Schupp, Feb 16, 2005
    #6
  7. io Guest

    G'day Tom,

    There is only one scenario I can think of that may lead to such problem -
    it's when your browser spawns a new window (i.e. window.open(...)) that
    loads/opens new "application" page(s). In this case both browser windows
    will share same process including in-memory session cookie. If you start
    your browser as a separate process and navigate to the other application you
    shouldn't have this problem.

    Cheers

    <> wrote in message
    news:...
    > Hello,
    >
    > I've got two different sets of ASP scripts on my server. Each set is
    > kept in their own directory. Both sets of scripts use sessions. I
    > want to make sure that the sessions are not accidentially shared
    > between the two sets as they are both different applications.
    >
    > Right now I'm having a problem when I do a Session.Abandon from one set
    > of scripts it also kills the session for the other set of scripts (I
    > believe they are both using the exact same session). Is there some way
    > I can make sure this doesn't happen?
    >
    > Thanks,
    >
    > -Tom
    >
     
    io, Feb 17, 2005
    #7
  8. Evertjan. Guest

    io wrote on 17 feb 2005 in microsoft.public.inetserver.asp.general:
    > There is only one scenario I can think of that may lead to such
    > problem - it's when your browser spawns a new window (i.e.
    > window.open(...)) that loads/opens new "application" page(s). In this
    > case both browser windows will share same process including in-memory
    > session cookie. If you start your browser as a separate process and
    > navigate to the other application you shouldn't have this problem.
    >


    But what if you <a href=.. link to the other "application"?

    That will give you the same session too.

    --
    Evertjan.
    The Netherlands.
    (Replace all crosses with dots in my emailaddress)
     
    Evertjan., Feb 17, 2005
    #8
  9. Mark Schupp Guest

    Lets clear this up with a little experimentation. Take 2 asp files:

    c:\temp\app1\app1.asp
    --------------------------------
    <%@ LANGUAGE="VBSCRIPT"%>

    <html>
    <body>
    This is app1<br>
    Session ID=<%=session.SessionID%><br>
    Setting Application("appvar") to "app1"<br>
    Setting Session("sesvar") to "app1"<br>
    <%
    Application("appvar")="app1"
    Session("sesvar")="app1"
    %>
    <a href="/app2/app2.asp">Jump to app2</a>
    </body>
    </html>
    ---------------------------

    c:\temp\app2\app2.asp
    ----------------------------------------
    <%@ LANGUAGE="VBSCRIPT"%>

    <html>
    <body>
    This is app2<br>
    Session ID=<%=session.SessionID%><br>
    Application("appvar")="<%=Application("appvar")%>"<br>
    Session("sesvar")="<%=Session("sesvar")%>"<br>
    </body>
    </html>
    ----------------------

    Now create 2 virtual directories under the default web site in IIS
    administrator. Make sure that they are set up as "applications" (should have
    an activeX ball in a box icon instead of a folder icon).

    app1 - pointed at c:\temp\app1\
    app2 - pointed at c:\temp\app2\

    Launch IE and enter http://localhost/app1/app1.asp. The result is:
    -------------------------
    This is app1
    Session ID=642399021
    Setting Application("appvar") to "app1"
    Setting Session("sesvar") to "app1"
    Jump to app2
    --------------------

    click on the "jump to app2" link. the result is:
    ----------------------------------------------
    This is app2
    Session ID=642399022
    Application("appvar")=""
    Session("sesvar")=""
    ------------------------------------

    Note that the session id is different and the application and session
    variables are not shared.

    The key point is that the application directories must be created as virtual
    directories in IIS and as applications. If the virtual directories are not
    set to be applications then they will share a session.

    Go into IIS properties for each of the above directories and click the
    "remove" button and re-try the pages.

    from app1
    ----------------------------
    This is app1
    Session ID=643781585
    Setting Application("appvar") to "app1"
    Setting Session("sesvar") to "app1"
    Jump to app2
    -----------------------------------------------

    from app2
    ----------------------------------------------
    This is app2
    Session ID=643781585
    Application("appvar")="app1"
    Session("sesvar")="app1"
    ------------------------------------------

    --
    Mark Schupp
    Head of Development
    Integrity eLearning
    www.ielearning.com


    "Evertjan." <> wrote in message
    news:Xns9600717BF8EAeejj99@194.109.133.29...
    > io wrote on 17 feb 2005 in microsoft.public.inetserver.asp.general:
    > > There is only one scenario I can think of that may lead to such
    > > problem - it's when your browser spawns a new window (i.e.
    > > window.open(...)) that loads/opens new "application" page(s). In this
    > > case both browser windows will share same process including in-memory
    > > session cookie. If you start your browser as a separate process and
    > > navigate to the other application you shouldn't have this problem.
    > >

    >
    > But what if you <a href=.. link to the other "application"?
    >
    > That will give you the same session too.
    >
    > --
    > Evertjan.
    > The Netherlands.
    > (Replace all crosses with dots in my emailaddress)
    >
     
    Mark Schupp, Feb 17, 2005
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ken Cox [Microsoft MVP]

    Re: Relationship between IIS Sessions and ASP.NET Sessions?

    Ken Cox [Microsoft MVP], Aug 8, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    5,374
    Luther Miller
    Aug 8, 2003
  2. Bruno Alexandre

    sessions in ASP.NET vs ASP

    Bruno Alexandre, Aug 13, 2003, in forum: ASP .Net
    Replies:
    4
    Views:
    2,498
    Bruno Alexandre
    Aug 18, 2003
  3. Bruno Alexandre

    ASP vs ASP.NET sessions (2nd post)

    Bruno Alexandre, Aug 18, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    553
    Marina
    Aug 18, 2003
  4. scottymo
    Replies:
    3
    Views:
    708
    Dominick Baier
    Sep 30, 2006
  5. Bookham Measures

    Moving from ASP Sessions to Database Sessions

    Bookham Measures, Jul 23, 2007, in forum: ASP General
    Replies:
    19
    Views:
    571
    Bookham Measures
    Aug 23, 2007
Loading...

Share This Page