0

I'm working on an ASP.Net MVC website that is deployed to a Windows Azure Website. The site uses cookieless session with the RedisSessionStateStore provider. The site works fine in a local dev environment, but when deployed to Azure, any request to the site causes an infinite redirect loop. Each loop tries to generate a new session Id in the url.

I've tried the following, but have not got any of these to work.

  • Tried disabling Arr Session Affinity. This was suggested on another forum, but it does not work. I've tried using web.config and c# to set the Arr-Disable-Session-Affinity header to true, but the ArrCookie remains.
  • Tried InProc session
  • Tried setting regenerateExpiredSessionId to false

Please let me know if it is possible to get cookieless session working when deployed to Windows Azure website. If so, how? Also, is there any reason why none of my attempts to disable Arr Affinity cookie worked?

Paul
  • 337
  • 1
  • 3
  • 9
  • I don't believe the Redis Session provider supports cookieless session - the session id has to be stored somewhere on the client for retrieval on the server. The default configuration doesn't include the config parameter. – viperguynaz Mar 26 '15 at 19:40
  • The Redis Session provider does work with cookieless session when deployed locally though. It is only once the website is deployed to Azure that it doesn't work. That said, are there other session providers where this is known to work? – Paul Mar 26 '15 at 21:00

1 Answers1

1

See this SO question and this forum post. Bottomline - cookieless sessions are not supported in MVC. They may appear to be working locally - but if they are, then there will a Session ID in every URL (read here - 2005 MSDN article)

Community
  • 1
  • 1
viperguynaz
  • 12,044
  • 4
  • 30
  • 41
  • Thanks, viperguynaz. It certainly does appear to work locally as the urls do include a SessionID segment and all the session functionality works as expected. However, given the compelling evidence, this solution simply isn't going to work. Time to redesign the app to avoid session use. I have a strict requirement around 3rd party cookies that is driving all of this. – Paul Mar 27 '15 at 17:34
  • is Local Storage an option? – viperguynaz Mar 28 '15 at 01:40