Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Problem with Session State being shared between users!

Reply
Thread Tools

Problem with Session State being shared between users!

 
 
Philip Tepedino
Guest
Posts: n/a
 
      07-29-2004
I'm having an odd problem. My website's session state is getting shared
between users!
This problem only happens when a user tries to access the site from inside
our corporate LAN. The user, instead of getting a unique session ID, gets
somehow confused as another session and has access to all of the other
session's info!
I tried switching to cookieless sessions but that didn't make any
difference. This is a huge problem for me, since my site stores user's
specific info on session variables, and when a second user logs in, it has
the info of another client.
It also seems to be caching, somehow, the user's authentication ticket. I've
had a couple instances where after a user logs in, the second user can go to
the site, and not even log in. They already show as logged in (as the first
user)

My first thought was that some cache engine was screwing me, so I had IT
disable caching for my IP range.
It didn't help. Clients are still sharing sessions.
Also, all internal addresses are being proxy'd, but from what I understand
that shouldn't affect the session since a cookie (or the URL-based
cookieless version) would basically link a client with a session regardless
of a proxy server.

Its a total mess, and I'm out of ideas on how I can get this working.
Any help would be greatly appreciated!


Philip Tepedino
Siemens Westinghouse Generation Services



 
Reply With Quote
 
 
 
 
bruce barker
Guest
Posts: n/a
 
      07-29-2004
shared sessions are almost always a coding error, where session data is
stored in static (shared in vb) variable, or a public variable in vb module
which also is a static variable.

-- bruce (sqlwork.com)


"Philip Tepedino" <(E-Mail Removed)> wrote in message
news:%23cr6%(E-Mail Removed)...
> I'm having an odd problem. My website's session state is getting shared
> between users!
> This problem only happens when a user tries to access the site from inside
> our corporate LAN. The user, instead of getting a unique session ID, gets
> somehow confused as another session and has access to all of the other
> session's info!
> I tried switching to cookieless sessions but that didn't make any
> difference. This is a huge problem for me, since my site stores user's
> specific info on session variables, and when a second user logs in, it has
> the info of another client.
> It also seems to be caching, somehow, the user's authentication ticket.

I've
> had a couple instances where after a user logs in, the second user can go

to
> the site, and not even log in. They already show as logged in (as the

first
> user)
>
> My first thought was that some cache engine was screwing me, so I had IT
> disable caching for my IP range.
> It didn't help. Clients are still sharing sessions.
> Also, all internal addresses are being proxy'd, but from what I understand
> that shouldn't affect the session since a cookie (or the URL-based
> cookieless version) would basically link a client with a session

regardless
> of a proxy server.
>
> Its a total mess, and I'm out of ideas on how I can get this working.
> Any help would be greatly appreciated!
>
>
> Philip Tepedino
> Siemens Westinghouse Generation Services
>
>
>



 
Reply With Quote
 
 
 
 
Philip Tepedino
Guest
Posts: n/a
 
      07-29-2004
You have a really good point. I believe some variables may be set as shared.
I guess I expected share to share only on a certain session, but now that
you mention it, that makes no sense at all. not sure what I was thinking!

I guess a question would be.. whats a good alternative? just using session
variables?

thanks a lot!



"bruce barker" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> shared sessions are almost always a coding error, where session data is
> stored in static (shared in vb) variable, or a public variable in vb

module
> which also is a static variable.
>
> -- bruce (sqlwork.com)
>
>
> "Philip Tepedino" <(E-Mail Removed)> wrote in message
> news:%23cr6%(E-Mail Removed)...
> > I'm having an odd problem. My website's session state is getting shared
> > between users!
> > This problem only happens when a user tries to access the site from

inside
> > our corporate LAN. The user, instead of getting a unique session ID,

gets
> > somehow confused as another session and has access to all of the other
> > session's info!
> > I tried switching to cookieless sessions but that didn't make any
> > difference. This is a huge problem for me, since my site stores user's
> > specific info on session variables, and when a second user logs in, it

has
> > the info of another client.
> > It also seems to be caching, somehow, the user's authentication ticket.

> I've
> > had a couple instances where after a user logs in, the second user can

go
> to
> > the site, and not even log in. They already show as logged in (as the

> first
> > user)
> >
> > My first thought was that some cache engine was screwing me, so I had IT
> > disable caching for my IP range.
> > It didn't help. Clients are still sharing sessions.
> > Also, all internal addresses are being proxy'd, but from what I

understand
> > that shouldn't affect the session since a cookie (or the URL-based
> > cookieless version) would basically link a client with a session

> regardless
> > of a proxy server.
> >
> > Its a total mess, and I'm out of ideas on how I can get this working.
> > Any help would be greatly appreciated!
> >
> >
> > Philip Tepedino
> > Siemens Westinghouse Generation Services
> >
> >
> >

>
>



 
Reply With Quote
 
jcn
Guest
Posts: n/a
 
      05-12-2005

I think I have the same problem than you have. Some Session variables
are shared between users. I have this problem only for somme of the
Session variables and only for some of my solution webforms. Users
don't share variable until they navigate to 2 of the webforms of my
application. This application contains 50 webforms.

I have no solution and I hope you solved your problem so you can help
me.

Regards



--
jcn
------------------------------------------------------------------------
Posted via http://www.codecomments.com
------------------------------------------------------------------------

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
difference between asp session state and asp.net session state. archana ASP .Net 0 03-13-2007 11:42 AM
Unable to make the session state request to the session state server Maciek ASP .Net 0 09-15-2005 08:49 PM
Unable to serialize the session state. Please note that non-serializable objects or MarshalByRef objects are not permitted when session state mode is 'StateServer' or 'SQLServer'. Mike Larkin ASP .Net 1 05-23-2005 12:33 PM
Unable to make the session state request to the session state server Not Liking Dot Net Today ASP .Net 0 04-21-2004 11:54 AM
unable to make the session state request to the session state server shamanthakamani ASP .Net 1 11-20-2003 04:51 AM



Advertisments