HttpApplication.Session.SessionID Change on Each Request. Is it Normal?

  • Thread starter Thread starter Mike Kline
  • Start date Start date
M

Mike Kline

Hi There!

I'm creating a HttpModule and after AcquireRequestState event, I tried to
access the HttpApplication.Session.SessionID and somehow I'm getting a new
value on every Refersh of ASPX page.

I thought SessionID is supposed to stay static until the session timeout
defined in the web.config. Or am I missing something here???

Thanks!!

MK
 
It sounds like the browser doesn't accept the session cookie. When the
server doesn't "see" an ASP-session cookie, it creates a new session.
Check your browser security settings.
 
Hi JoakimR,

Thanks for the reply! I've checked my IE setting and it is in the level of
"Accept All Cookies".

Any other ideas?

Cheers,
MK
 
Mike Kline said:
Hi There!

I'm creating a HttpModule and after AcquireRequestState event, I tried to
access the HttpApplication.Session.SessionID and somehow I'm getting a new
value on every Refersh of ASPX page.

I thought SessionID is supposed to stay static until the session timeout
defined in the web.config. Or am I missing something here???
Click to expand...

Does your HttpModule implement IRequireSessionState?

I've seen this happen for pages which refer to SessionID but which do not
read or set Session.

John Saunders
 
No, my httpModule doesn't implement IRequireSessionState.

The more I test it, the more I think it is not the problem with my
httpModule. Because at last, here's how I tested for the SessionID using a
normal ASPX page.

Sub Page_Load()
Response.Write(Session.SessionID.ToString())
End Sub

and everytime I refresh it, I get a new value! In the web.config file I have
<sessionState timeout="20" /> and still generating new SessionID on each
refresh.

The strange thing is that I have about 5 ASP.NET web sites currently running
and I tested on all of those websites. The result is surprisingly the Same!
How could a new SessionID be generated on each refresh????

I am absolutely hitting my head against the wall! Help!

MK
 
Just an update...

My server is Windows 2000. And my server names doesn't contains any
"illegal" characters such as _ (underscore).

help......

MK
 
Mike Kline said:
No, my httpModule doesn't implement IRequireSessionState.

The more I test it, the more I think it is not the problem with my
httpModule. Because at last, here's how I tested for the SessionID using a
normal ASPX page.

Sub Page_Load() Session("foo") = "bar"
Response.Write(Session.SessionID.ToString())
End Sub
Click to expand...


Try putting something into Session state before checking SessionID.

John Saunders
 
Back
Top