Session State shares session across subdomain, VB.NET website C# MVC 4 Application

Question

I am trying to share a session from a main VB.Net Website and a subdomain C# MVC 4.

I have the same ASP.NET_SessionId Cookie present for both sites and in the Immediate Debugger I can see both Session objects have the same SessionID. However when I set a session from the VB.Net website, Session("TestSession") = "SimpleString", if i call the Session Object in the Immediate Window from the MVC Application the Count is 0.

This is also the case if i set a session in the MVC Application it is not found in the VB.Net Website.

Preferably I would like to use StateServer Mode but I have read that only SQLServer Mode works for cross domain support.

Here is the web.config that is present in both sites

<httpCookies domain=".example.localhost"/>
<sessionState mode="SQLServer" sqlConnectionString="Data Source=(local);Integrated Security=True" />
<machineKey validationKey="XXX" decryptionKey="XXX" validation="SHA1" compatibilityMode="Framework20SP1" />

Ashley Medway · Accepted Answer · 2014-01-31T09:02:15.447

To solve the problem as well as adding the web.config settings I had to add a couple of lines to the Application_Start from the global.asax. This had to be added to both sites.

C#

FieldInfo runtimeInfo = typeof(HttpRuntime).GetField("_theRuntime", BindingFlags.Static | BindingFlags.NonPublic);
HttpRuntime theRuntime = (HttpRuntime)runtimeInfo.GetValue(null);
FieldInfo appNameInfo = typeof(HttpRuntime).GetField("_appDomainAppId", BindingFlags.Instance | BindingFlags.NonPublic);
appNameInfo.SetValue(theRuntime, "MyApplicationName");

VB.Net

Dim runtimeInfo As System.Reflection.FieldInfo = GetType(HttpRuntime).GetField("_theRuntime", System.Reflection.BindingFlags.[Static] Or System.Reflection.BindingFlags.NonPublic)
Dim theRuntime As HttpRuntime = DirectCast(runtimeInfo.GetValue(Nothing), HttpRuntime)
Dim appNameInfo As System.Reflection.FieldInfo = GetType(HttpRuntime).GetField("_appDomainAppId", System.Reflection.BindingFlags.Instance Or System.Reflection.BindingFlags.NonPublic)
appNameInfo.SetValue(theRuntime, "MyApplicationName")

This won't work if the applications are on different subdomains. — Michael Fry, Jan 14 '15 at 00:49
@MichaelFry This was deployed to different subdomains and worked correctly. — Ashley Medway, Jan 14 '15 at 08:50
You're right, it does work. Not sure what was wrong before... Oh well, cheers! — Michael Fry, Jan 18 '15 at 23:08

score 1 · Answer 2 · edited May 23 '17 at 11:53

1

You should use a cookie and not a session variable. Session variables are saved on the server so when you goto another server, it will not have your session variable.

See this SO question for more detail: where-are-the-session-variables-saved

edited May 23 '17 at 11:53

Community

1
1

answered Oct 23 '13 at 14:48

Steve

5,585
2
18
32

You are incorrect, you can use sessionState to create a sessions server that the website connect to for their sessions... as it happens i have solved this problem and it works – Ashley Medway Oct 23 '13 at 15:08
@AshleyMedway If you have solved this issue, you should put it as an answer and then mark it as answered. That way others that have your same issue can find thier answer. – Steve Oct 23 '13 at 15:17

Session State shares session across subdomain, VB.NET website C# MVC 4 Application

2 Answers2