1

I'm facing a problem when redirecting to a page. Please have a look at my code and how i may solve it. The manifest is that after saving variables in session and redirect to a new page, the session variables are lost, and a new sessionId is created. I am a novice. Please advice.

Login.aspx:

Util.IsAdminUser= false; // save in session Util.IsAdminUser
Util.IsSpecialUser = true; //save in session Util.IsSpecialUser
Response.Redirect(Pages.SelectAccounts, false);
return;

SelectAccounts.aspx:

Page_Load(object sender, EventArgs e)
  {
    if (!Util.IsAdminUser)  // error of null, session is lost
    {
       ...
       ...
    }
   }
 protected void Session_Start(object sender, EventArgs e)
        {
             LoggerNet.Info("SessionId:" + Session.SessionID); 
        }

Thank you in advance

user2483797
  • 169
  • 1
  • 5
  • 13
  • how do you store your session? Can you show the `Util` class and `CheckSessionExpired();` method? – VMAtm Jul 14 '14 at 11:47
  • In Util i set Session["IsAdmin"] = false, Session["IsSpecialUser"]=true. Anyway..i am guessing that is a problem with saving the data in session and redirecting.. i don't know what cause this behaviour and what are the good practice.. – user2483797 Jul 14 '14 at 12:18
  • how do you store your session? InProc, SQL, etc. – VMAtm Jul 14 '14 at 12:22
  • saving the session in SQL – user2483797 Jul 14 '14 at 12:24
  • `In Util i set Session["IsAdmin"] = false` According to your comment, the result'll always be **false**. Please add the actual code of `Util.IsAdminUser`. – Win Jul 14 '14 at 13:36

1 Answers1

1

According the MSDN article:

For mobile pages, if your application relies on cookieless sessions, or might receive requests from mobile devices that require cookieless sessions, using a tilde (~) in a path can create a new session and potentially lose session data.

To set a property on a mobile control
with a path such as ~/path, resolve the path using ResolveUrl
~/path before assigning it to the property.

So, if you have a ~ in your Pages.SelectAccounts constant, you may have a new Session each time. Try to add the ResolveUrl method before the redirect.
May be you should switch to the Server.Transfer method, which is perform similar action, but without the roundtrip to the client. Please refer to the MSDN for more information:

How to: Redirect Users to Another Page
Correct use of System.Web.HttpResponse.Redirect

Update

Also you should check this answer:

ASP.NET: Session.SessionID changes between requests

Try to use the Session object in your Global.asax file for handling the Session_Start event - this will lock the SessionId for current user, and it wouldn't be changed again.

Update #2:

You must set some variable into the Session object, like this:

protected void Session_Start(object sender, EventArgs e)
{
    LoggerNet.Info("SessionId:" + Session.SessionID);
    Session["LastVisitDate"] = DateTime.Now;
}

Only after setter for the Session object is being called you'll have the persistent SessionId for the user.

Community
  • 1
  • 1
VMAtm
  • 27,943
  • 17
  • 79
  • 125
  • I already have Session_Start event and i'm not using cookiesless session or mobile pages – user2483797 Jul 15 '14 at 07:36
  • @user2483797 Can you provide the `Session_Start` code? Do you use the setter for the Session object in it? – VMAtm Jul 15 '14 at 07:37
  • Updated, please have a look – user2483797 Jul 15 '14 at 07:39
  • @user2483797, Yes, I saw it. You don't call any setters for the `Session`, so this object will be a new one each time you call the new page. Try to store there some information. Otherwise I don't know why it doesn't work. – VMAtm Jul 15 '14 at 07:41