How do I set a session variable in an ASHX file

Question

I'm trying to set a session variable in an ASHX file. I read up on it a bit, and got this far:

I set the variable in the ASPX file that calls the ASHX handler.
I tried to reset the variable in the handler.

I get an error saying that 'System.Web.HttpContext.Current.Session' is null. Like I've said I've done some reading and it SEEMS as though this should work, but for some reason I just can't get it to work for me.

I added using using System.Web.SessionState; at the top of my handler but that didn't seem to do anything useful. The Session variable ( HttpContext.Current.Session["saml_session_id"]) gets set with that, but doesn't seem to persist. When I get to the aspx file and call HttpContext.Current.Session["saml_session_id"] from my immediate window, only NULL is returned.

I've used this as guidance (How to access Session in .ashx file?), but obviously am missing something.

Can anyone advise me? I will continue to research and if I solve this, will post the solution.

See my code below.

In my .aspx file - I declare my session variable:

HttpContext.Current.Session["saml_session_id"] = string.Empty;

Then in the same file I post to the ashx file:

var response = Post("http://" + Request.ServerVariables["HTTP_HOST"].ToString() + "/API/Login.ashx", new NameValueCollection() {
            {"Username",Username},
            {"Password",Password}
        });

Then in my ashx file I have the following (this is a stripped down version):

using System.Web.SessionState;

//Some validation happens and a string called session_id gets generated.

context.Session["saml_session_id"] = session_id;

//while I'm in the ashx file, context.Session["saml_session_id"] persists.

The when the request in the handler is finished processing, the next code in the ASPX file is this:

  if (Response.Status.ToString() == "200 OK") {
            Context.Response.Redirect("../Play.aspx?SessionId=" + HttpContext.Current.Session["saml_session_id"].ToString());
        }

But HttpContext.Current.Session["saml_session_id"].ToString() is now blank again. Basically it looks like the handler and the web form aren't communicating or the session isn't being shared. I've checked to make sure the namespace is the same. Anything else I should check?

Why are you posting from server side code to the same code, rather than just calling the code directly? My guess is that since the server is posting data, rather than the user, it's treated as a new session. You should either have the client post the data, or just directly call the server side code from your own code in the code behind. — mason, Jan 13 '15 at 20:17
Thanks - I came to a similar realization about the new session. This is code that I've inherited and I'm trying to implement a SAML call using the same authentication logic. There initial form post is done via jquery. Rather than doing this, I'm implementing the SAML call - checking that the assertion is valid and then posting to the original ASHX file. I think I will just set a cookie and be done with it. I will post my solution. — kickinchicken, Jan 13 '15 at 20:32

mason · Accepted Answer · 2022-09-06T23:09:10.267

10

Make sure the handler implements System.Web.SessionState.IRequiresSessionState, just like in the link you provided.

You shouldn't need to have the HttpContext.Current part, if you import the namespace.

public class ImageHandler : IHttpHandler, System.Web.SessionState.IRequiresSessionState
{
    public void ProcessRequest(HttpContext context)
    {
      string Name = "";
      if (context.Session["filename"] != null)
         Name = context.Session["filename"].ToString();
    }
}

edited Sep 06 '22 at 23:09

answered Jan 13 '15 at 19:04

mason

31,774
10
77
121

1

@kickinchicken Put your code in the question, not in a comment. And please realize that you should have included it in the first place, we shouldn't have to ask for your code when the question is about why your code isn't working. – mason Jan 13 '15 at 19:18
Mason - I've put it into the question. I'm sorry for having offended you so greatly. Please tone it down a little. If you notice I have actually answered some of my own questions here. This is a community for people to help one another. If you're going to be impatient and derogatory, please just don't answer as that isn't helpful. – kickinchicken Jan 13 '15 at 19:47
1

@kickinchicken I am not offended-I am trying to help you. It's important that you learn how to properly ask a question if you want to receive decent help. – mason Jan 13 '15 at 19:48

score 0 · Answer 2 · answered Feb 28 '17 at 15:57

0

All you need to do is import

IRequiresSessionState

then add your data:

context.Session.Add("User", "Your Object");

answered Feb 28 '17 at 15:57

Kai CriticallyAcclaimed Cooper

958
2
15
27

score -1 · Answer 3 · edited Mar 18 '19 at 09:16

-1

The issue was a rookie mistake in that I was getting a response back from the form but wasn't looking in the right place. It turned out it was in bytes and the session id from the ASHX file was there.

edited Mar 18 '19 at 09:16

Kiquenet

14,494
35
148
243

answered Jan 14 '15 at 14:16

kickinchicken

1,281
4
18
40

How do I set a session variable in an ASHX file

3 Answers3