6

I need to have a new session per browser window/tab. I am aware of the fact that ASP.NET assigns one session per process. I am also aware that browsers share this session between all open tabs/windows of the app. However, I need to come up with a way to create a new session for a new tab/window.

Cookieless session-state is not an option also. I already looked at that. I am looking to keep URL's clean.

I looked at the following solutions. 1) asp.net - session - multiple browser tabs - different sessions?. This solutions suggests using IsPostBack property, which is not available in MVC. 2) https://sites.google.com/site/sarittechworld/track-client-windows. This one looks very complex and I don't fully understand the javascript magic that is happening in it. I don't want to put in a solution that I don't understand. Also, I am not fully aware of any security holes that this solution may create.

Can someone point me in the right direction?

Community
  • 1
  • 1
Nachiket Mehta
  • 310
  • 3
  • 15
  • It might help if you briefly explained how this will need to be used, for example what would the impact be to the user? This may help you find the right answer. – shanabus Mar 07 '12 at 02:43
  • The impact to the user is that a user can log in under 2 different roles in 2 different browser tab/windows. – Nachiket Mehta Mar 07 '12 at 16:48

2 Answers2

1

I've created a NuGet package called ASP.NET MVC Conversational Session. Here you find more information: http://blog.micic.ch/net/asp-net-mvc-conversational-session

I released the first version yesterday. Have a look at the demo code or download the demo solution and let me know if there are things to improve. :)

EDIT: By default: The "identifier" is passed via URL when you use the appropriate extension method in the View. But you can add the identifier on your own. It gives you more flexiblity. (For example when you have links which are not generated via @Html.ActionLink.. etc.)

user2208790
  • 11
  • 1
  • With your implementation would you be able to access the session state information from, say, a WCF service layer? Or is the session state information isolated to the controller only? – Mark Erasmus Feb 07 '14 at 20:15
1

The only way to achieve this is to append the session id in the url which is what cookieless sessions are intended to do. Unfortunately you seem to have ruled out this possibility due to the ugly urls it produces.

Darin Dimitrov
  • 1,023,142
  • 271
  • 3,287
  • 2,928
  • How would you achieve this in ASP.NET MVC? I'm not fussed about clean URLs. From what I can tell through online research is that MVC doesn't play well with cookieless sessions and it's use with MVC has been actively discouraged. I've been trying to find a solution to this 'unique ASP.NET session per browser tab' problem for days... – Mark Erasmus Feb 07 '14 at 20:04
  • Yes, that's correct. Cookieless sessions do not play nice with the HTML helpers in ASP.NET MVC. You might need to roll your own custom implementation. – Darin Dimitrov Feb 08 '14 at 10:46