How to maintain the same session id across multiple web applications in ASP.NET

I have two identical applications setup on IIS on different virtual directories (I have done some workaround to ensure that they both have the same application name). Is there a way to share session id across two asp.net web applications?

Since I’m storing the session in StateServer, they should both be getting the same session data, however, a different session id is created everytime I go from application a to applicatino b. Wouldn’t this happen in a load balancing scenario as well? Where when I go to www.test.com, it would redirect that request to server a, and then if I hit it again, it would go to server b, but since it’s a different web application, it would create a new session id?

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

First, configure the sessionState element in your web.config to use cookieName=”SOME_COOKIE_NAME_HERE” in both apps.

Then, just make sure the urls have the same TLD (top-level domain), i.e. app1.mydomain.com and app2.mydomain.com and you should be able to handle the Session_Start event in Global.asax and put this code:

    HttpCookie cookie = new HttpCookie("SOME_COOKIE_NAME_HERE", Session.SessionID.ToString());
    cookie.Expires = DateTime.Now.AddMinutes(20);
    cookie.Domain = "*.mydomain.com";
    cookie.HttpOnly = true;
    Response.SetCookie(cookie);

Also, I would recommend that you go with the SqlServer SessionState Mode.

Method 2

Initially i faced the same issue. What I did is, I overide the jsession id from each domain. I mean, If the user lands on domain1.com, set the same session id for domain2.com from iframe. and vice versa. With this, you can maintain same session across multiple domains.

You need to test the impact over multiple server over network with load balancer.

Method 3

Is your goal to share the session state between 2 applications, not just the session ID? I believe the StateServer also uses the application path as well as the SessionID to store the data so even if the SessionID’s were the same you still wouldn’t be able to share the data. You might have to write your own session module.

Load balancing web apps don’t have this problem because the application path is the same across cluster members.


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x