Querying session data when using StateServer service - asp.net

Does anybody know of a way to query across all active sessions when using StateServer service in a .NET 4.0 web app?
In my scenario, I am setting a piece of session data when the user navigates to one of our partner sites. The partner site then periodically calls a service on our site which verifies if the session is still active and returns some other data.
I managed to get it working when I was initially using InProc sessions using the solutions outlined in: List all active ASP.NET Sessions, however when I switched to using StateServer service, these techniques don't work and I can't query the sessions.
Any ideas?
Many thanks

I suggest you to go through this article - Counting the Currently Active Sessions
The session state is stored in a database called ASPState. The
database includes several stored procedures and creates a couple of
tables to the TempDB database. The tables are called
ASPStateTempApplications and ASPStateTempSessions. Knowing how many
sessions are currently active is as easy as running a SELECT against
the AspStateTempSessions table. If the session is working in
StateServer mode, none of these tricks will work.
Reference:
Session State Management
The ASP.NET Sessions Active counter (NOT State Server) shows invalid number after installing .NET 3.5 SP!
Count Active Sessions in ASP.Net, some what same as the link you specified in the question.

Related

When using MySqlSessionProvider, what deletes expired sessions?

Everything I know about Asp.Net Session Providers I know from this MSDN page. However, at work we're using the MySql Session Provider and I'm confused about one detail: Session Expiration.
On that MSDN page, it says:
The ASPState database includes a SQL Server Agent job that
periodically (by default, every 60 seconds) calls the stored procedure
DeleteExpiredSessions to remove expired sessions.
I have a few problems with this. We're using MySql so there is no SQL Server Agent to do this. Also, there doesn't appear to be any Routines at all for our instance of the database. For the record, we do have autogenerateschema="true" so if it used Routines, I'd imagine it would have made them.
Can somebody shed some light on the MySql specifics of the Session State Store and Session Expiration?
From the source code, it looks like the MySqlSessionStateStore class takes care of it by running a timer that clears expired sessions.

Classic ASP session is aborting when site is hosted in Cloud Enviornmnet

I'm storing my user details in the session variable. When some I/O operation happens the other users session also destroying. If I run the same application in the Single server environment the session is working fine.
I have tested with this code also
{meta name='test' content='Set-Cookie: ASPSESSIONID=494351627; path=/' /}
What would be the problem?
Thanks in advance.
Probably the App Pool would be restarting. This could happen every couple of minutes if there is a shared server with several sites sharing an app pool and the app pool is set to recycle if it uses up too much memory.
The only fixes for this are:
a) move onto a different hosting environment
b) use cookies to identify the user and look them up in the database (eg store an encrypted user ID in a cookie and store any related data in the database)
If you have a lot of other stuff in session memory you could consider implementing a database table just for storing session state (in classic asp you would have to roll your own - in .net this is a standard config option).
If it is a big app with a lot of reliance of session variables you would want to go for option A if possible.

Share session among asp.net balanced applications without saving session in DB

Is there a way to share session among asp.net balanced applicatiosn without saving session in DB (i.e. without using SQLServer sessionState)? Actually, could load balancers take care of that by themselves?
To share a user session, yes. You have two options:
User an ASP.NET state server and have the web servers point to that.
Enable sticky sessions on the load balancer, so that once a session is started on a particular machine, all further requests for that session will go to the same machine. (really this is the less ideal of the two as it can still have problems if the app pool resets etc.)
There are other applications from MS etc, that you can use to store state also.

IIS7: Sharing Sessions Between Applications With State Server

I have my default website in IIS7 bound to an ASP.NET application. This application is using the ASP.NET State Server to store session data. I would like to add an additional ASP.NET MVC application to this website. Is it possible to share the session between these two applications using the state server? I've read that there are ways to do it storing session data in SQL Server, but I can't find any documentation on doing it with the state server.
Thanks,
Nathan
Best advice I have to to switch to SQL Server for the session state store. It's not difficult to set up if you already have SQL Available and use the following technique:
Sharing sessions across applications using the ASP.NET Session State Service
For this situation you are probably best to write your own custom session state provider that runs on a SQL database.
details are here:
http://msdn.microsoft.com/en-us/library/aa479034.aspx
the reason i'd write a custom provider is because simply settings up an SQL session provider will not be enough as the applications will use different session keys and therefore will not share state between them. by writing your own session provider you can have fine grained control over the whole process and therefore override the checks in place using the default sql session provider.

ASP.NET Single Login - Is distributing session the answer

We have 5 balanced web servers with various websites.
What I am trying to achieve is to ensure a single login.
i.e. the same user account cannot login to the same website more than once at any given time.
The method i'm considering for solving this, is to share session amongst the servers so I can control which session is assigned to which account. I can then have control over my logins. If a user logs in and there is already a session assigned to their user account, I can just expire the first session or reject the login.
I don't want to lose the benefit of the balanced servers, so using a single Sql Server as my session state server, or a single server to handle login is not an option.
Is distributed session (something like Scaleout Sofware) the correct approach to achieve this?
Or is there another mechanism to handle single login that i'm blissfully unaware of?
You have two set of problems here:
1) Allowing just one connected user in a web farm scenario
2) Detecting user logoff
To solve the first the only solution is a central storage for some kind of user state, using a central server to store the ASP.Net session or some other kind of centralized user state. This central storage can be SQL Server using the native management of session state (btw also Oracle, from Oracle 11, can support session storage), the AspState service or an external solution, like ScaleOut (as you said) or its open source alternative memcached (see https://sourceforge.net/projects/memcacheddotnet/). Or you can design a simple centralized web service that check active logins against a SQL Server database, this way you can also quickly create reporting tools about logged on users and so on.
Real problem, in my opinion, lies in the second part, that you need to maintain the different "wrong logoff" scenarios that are available in a web world (like closing the browser due to a crash or shutting down applications without logging off), giving you application some way to gracefully work with user that has an old session enabled (as you said simply expiring the first session can work).
Keep also in mind that using a state server like SQL server will not make you loose the balanced servers, if's the way of working to have a web farm environmet and sharing session, only problem lies in performance (if session state become large) and the cost involved in using SQL Server if you do not already have the proper license.

Resources