SessionState in HttpModule problem (2.0)

[Tomasz]

Hello Developers,

I have an interesting problem. How, or when can I access SessionState from
HttpModule?
It seems that session state is only available when *.aspx page is requested.
It is not available for other resource types like *.gif files etc.

Is there any way I can force session state to load, even when it is not
*.aspx page being requested?

Thank you,
Tomasz J

 

[Aidy]

It is off by default, change your declaration

public class MyClass : IHttpHandler, IRequiresSessionState

 

[Tomasz]

Thanks, but I am talking about HttpModule, not HttpHandler.

 

[Walter Wang [MSFT]]

Hi Tomasz,

By default, *.gif files are served by IIS, not the aspnet_isapi.dll (like
*.aspx); and the Session State is loaded by SessionStateModule, which is a
built-in HttpModule, you can find it's configured in system-wide web.config
such as:

<httpModules>
<add name="OutputCache"
type="System.Web.Caching.OutputCacheModule" />
<add name="Session"
type="System.Web.SessionState.SessionStateModule" />
<add name="WindowsAuthentication"
type="System.Web.Security.WindowsAuthenticationModule" />

...


If you need to load session state when user is requesting *.gif files, you
must configure IIS to serve *.gif files via aspnet_isapi.dll; however,
please note serving static content via aspnet_isapi.dll is not effective as
serving via IIS.

Hope this helps.


Sincerely,
Walter Wang ([email protected], remove 'online.')
Microsoft Online Community Support

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications. If you are using Outlook Express, please make sure you clear the
check box "Tools/Options/Read: Get 300 headers at a time" to see your reply
promptly.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Tomasz J]

Thank you Walter, but I am not quite sure I understand.
It looks like those "static content" requests, somehow, involve
aspnet_isapi.dll. All the events like BeginRequest, AuthorizeRequest or
AcquireRequestState fire. It is just that the HttpContext.Current.Session is
null.

What I am trying to develop is a special kind of rewrite engine. It must
have access to the session state and I cannot modify system-wide web.config
settings - the application is supposed to work in shared hosting
environment.

Do you think it can be done using HttpHandler? If so, where/when do I have
to call Context.RewritePath() method?

Thank you,

Tomasz J

 

[Tomasz J]

I just came across this great post by Mike Volodarsky, IIS Core Server /
ASP.NET Runtime Program Manager



https://forums.iis.net/thread/1648944.aspx



It looks like it is a known issue and whether or not session state is
available is actually decided... by the SessionStateModule itself!



Tomasz J

 

[Walter Wang [MSFT]]

Hi Tomasz,

Thank you for sharing the URL and I'm glad you've found the
workaround/solution.

Regards,
Walter Wang ([email protected], remove 'online.')
Microsoft Online Community Support

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Tomasz J]

Hello Walter,

Here is a brief description of the solution I implemented.

In order to force session state to load, the current Context.Handler,
usually DefaultHttpHandler, has to be replaced in the PostMapRequestHandler
event by some other handler, implementing IRequiresSessionState. To be safe,
my dummy handler implementing IRequiresSessionState also carries a reference
to the original handler, and I swap it back in the PostAcquireRequestState
event, once the dummy handler fulfilled its mission between those two
events.

Regards,

Tomasz J