I'm guetting out of ideas. I'm trying to use the same SessionState between two .Net 4 apps running under the same application pool and using mode="StateServer"
. I did a test on both app and I have a curious result: SessionID is shared, but not the actual session items.
How does it work internally? Is this a security restriction documented somewhere?
Screenshot 1 - I'm setting a session item (a simple date in TestData) in app#1 /SecureSessionTest.aspx:
Screenshot 2 - I'm reading the same session item TestData in app#2 /Apps/SecureSessionTest.aspx, but only the SessionID appears:
I can even set different data in the same Session("key")
. Weird!
They both have this in their web.config:
<machineKey validationKey='7D1094A0FC13B6656141916F69F6E25D0F112A6E94BD3EF5DAEFD9755A367C09607E7D76827AC5ACAD14456665C4E0966F632F09522475758A815A4045BF3F25' decryptionKey='F0DF9FA0522E541FF246ADD8BC285A10E984444AE4361631' validation='SHA1'/>
<sessionState mode="StateServer" stateConnect开发者_如何学运维ionString="tcpip=localhost:42424" timeout="60" regenerateExpiredSessionId="false" cookieName="XXXXXXXX_ASP.NET_SessionId" />
Any ideas? Help is very appreciated!
Carl
The StateServer keys the session off of a combination of the SessionID cookie, the machine key, AND the application name.
Try having the two applications share the same application pool.
This previous question may be illuminating: Session State and Application Pool
(If my initial suggestion doesn't work please comment and I'll dig deeper)
@Ash is right, the session is based off the sessionID (which is dependent on the machine key as well as the website domain), and application name, but I did get it to work on a single site across application directories (sounds like your scenario) - see my answer on state server session - cross appDomain?
It sounds like the piece you're missing is the explicitly setting the application name in the global.asax (using reflection - I haven't found a configuration setting for this). I just found out about that after googling for the setup all morning.
精彩评论