Losing Session Variable

[Stephen]

I have a .NET (1.1 framework) application that is losing a
session variable on only a few PC's. The main page is
loading up in a frame in a Portal application. On the
Page_Load it stores an object with the user id and
password into the session.

The web page includes a set of links. When the user
clicks on a link, another page within this application is
opened in a new window. On the Page_Load of this second
page, I am retrieving the user object from the Session and
it is returning a null value.

This is all happening within a few seconds, so it is not a
timeout issue. Any ideas?

 

[Hermit Dave]

Frames... well its the holygrail and you are walking on a tight rope...

I think whats happening is that you are essentially starting up a new
session on the click... try dumping the SessionIDs....
My guess is they will be different... and since they are not in the same
session... you are getting null....

try placing the object in cache or passing it as query string params to the
newly opened page...

hope this helps

 

[Stephen]

Thanks for the suggestion. Any thoughts on why this would
only happen on a few PC's? They are running IE6,
including the 1100 PC's that do work.

 

[Hermit Dave]

well first frames mean nothing to the server... its just child windows in
the browser and first request in the each frame starts a session by
itself....

as for why its not happening on other machines.... could have something to
do with session config in web.config file
by default .... session id is written in a cookie
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data
source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
if the client browser doesnt accept cookies... that would cause every
request from that machine to have a new session....
Think thats my understanding of it...

 

[Charlie Nilsson [MSFT]]

Add some lines in your code to check and print (or write to a log file) the
session ID when a user browses to the second page.

Compare that to the session id on the first page, and you should be able to
tell what's going on. If the ID's are different, then somehow you've
started a new session with the server. The reasons for this could be
security settings on the browsers. (Check Internet Options, and make sure
your Cookies are turned on, and aren't restricted)

If the ID's are the same, then you probably have a bug somewhere in your
code where you set and/or get the value from the session.

 

[pfarrell]

As a followup

I encountered a similar situation which took me a long time to figure out. I'm posting to this long dead thread for researchers.

IE6 is unable to generate cookies for IIS servers where the IIS server name contains a '_'. I haven't tested with IE7. When you install on 2003 server, you will even get a warning when setting the machine name. I disregarded the warning and named my server test_01 or some such thing.

It bit me later when I got what appeared to be non-deterministic behavior with our login system. Turns out, I was connecting via http://test_01... which would work on Firefox but not Internet Explorer. Solution was to connect via IP or change the server name.