0

The website use Angularjs as frontend to call API(Asp.net in IIS).
Each request passed Global.asax Start_Session generate new session ID.
It supposed to use the same session to the same user.

I am trying to send GET request with this URL:
$http({method: 'GET', url: 'http://localhost:59893/initSite.aspx'})
I read this qusetion but the answer doesn't help in my case:
ASP.NET: Session.SessionID changes between requests.

Community
  • 1
  • 1
Roy Pun
  • 493
  • 4
  • 8
  • You may check the request header to see if it has the sessionid cookie. Something like Cookie: ASP.NET_SessionId=yza5qg41rdeblnadv1s5tb4m – mattfei Jul 26 '16 at 18:44

2 Answers2

0

I'm not sure about ASP but with PHP I have found a similar problem with API requests. You can't rely on ASP/PHP to remember the session ID's on each request from different clients, you need to post a session ID with each request to the API where that session ID is checked against a list of logged in users in a Database.

This would be the proper way of handling logged in users with a remote API. Check this similar answer: Auto Logout when user leaves the application without doing logout action

Community
  • 1
  • 1
johan
  • 998
  • 6
  • 20
  • It is a solution but not the real fix of the problem because asp.net supposed to create session ID for each particular user. – Roy Pun Jul 19 '16 at 06:33
0

If you want your session Id to be same for every request for that particular session...store something in the session variable(anything dummy)...then it will give the same session id..

It happens if you don't have anything stored in your session variable..you will always get a new session id for the same session itself.

Do something like below

Session["any_name"]="anything";
Rishi Tiwari
  • 1,041
  • 1
  • 10
  • 20
  • I tried to create a session in Global.asax - Start_Session but the site still generate different sessionID for each request – Roy Pun Jul 19 '16 at 06:35