I access some session variables from within a class library, the properties/methods are being called from a ASP.NET page. But the Session returns nothing why would this be?
Does your code run before HttpApplication.AcquireRequestState event?
Is SessionState http module enabled? If thats disabled, your session would return null.
Related
I have an ASMX webservice hosted alongside my ASP.NET web app. Now, I need to get the users session into the Webservice. To test this I made this simple method:
[WebMethod(EnableSession = true)]
public string checkSession()
{
return HttpContext.Current.Session["userid"].ToString();
}
So, first I login to my web app, then in the browser goto my webservice and click "checkSession" on that auto generated test page. I have tested this on 3 computers. All 3 of those work fine with the webapp(so the sessions are being created etc), and 2 of those return the value of Session["userid"] on invoking the webmethod, however the last computer returns "Object reference not set to an instance of an object" because Session is null.
So, whats the difference between these computers and why can my ASP.NET app get the sessions on all computers but the webservice cant?
maybe it's too late, but have you tried this:
[WebMethod(EnableSession = true)]
public string checkSession()
{
return HttpContext.Current.Session.SessionID
}
SessionIDs are stored as cookies on the client's browser by default (Session State Overview). So check if that cookie is being created properly on that problem computer. Maybe cookies are disabled for some reason? In that case it would not be sending the SessionID to the server when you are hitting that web service.
Can you check how many worker processes is your application using? You can check it in your App pool settings in IIS.
If more than one worker process are being used then it is called to be running a web garden. If that is the case then in proc session will not be useful as this session is not shared among the worker processes. Have a look at http://www.west-wind.com/weblog/posts/2005/Apr/20/Why-you-shouldnt-use-InProc-Session-State-in-ASPNET
Have you got Session disabled in IIS, this would over rule .net.
Have a look at this http://technet.microsoft.com/en-us/library/cc732964(v=ws.10).aspx - it tells you how to disable session, but shows where to check the setting.
Thanks
Fran
By default web services are and should be stateless. However if you must use session information be sure to use the marker interfaces IReadOnlySessionState and IRequiresSessionState in order to access, use, or modify session state information in the webservice.
Web service by default wont support Session. You need to explicitly specify the parameter in web method attribute
These two things work for me
<add name="Session"
type="System.Web.SessionState.SessionStateModule"/> under
<httpModules>
enableSessionState="true" in <page> tag
A session object is accessible by:
var session = this.Session;
var contextSession = this.Context.Session;
best way to do this approach check before your session is not null and in the other side you
initialize the selected session with your value and then when and where web service working with httpcontext.current.session have value !
web services are stateless and best way is get value in web service instead of set or initialize session value
How to get session value in code file while session is created in httphandler .it gives error like Object reference not set to an instance of an object.
The session is connected with a page request, to work is require to read the cookie of the user from the browser, or the url in case that is with out cookies.
So in the asp.net session if you do not have the httphandler, you can not have the session, because you can not know who is calling and see the page at that time.
Maybe in a custom solution session, you can send the session id to some other code with out the httphandler and use that id to read the session data, but the asp.net did not give this option.
When calling page methods or web services with either jquery or MSAjax, the Session object appears to be null so Im finding it hard to track users who execute them.
Seeing that the session id is sent with the cookie on each request, is it possible to obtain the session object from somewhere?
You can enable the session in your WebMethod attribute like so.
[WebMethod(EnableSession = true)]
This should enable you to access the Session object.
which event is the most suitable to check for Session expired? i'm trying to trap each server request, and if Session is null, redirect to a different page.
You can determine if a new session is being created by hooking Session_OnStart - http://msdn.microsoft.com/en-us/library/ms178583(VS.80).aspx
You can handle the Session_OnStart
event by adding a subroutine named
Session_OnStart to the Global.asax
file. The Session_OnStart subroutine
is run at the beginning of a request
if the request begins a new session. A
new session will be started if a
request is made that does not contain
a SessionID value or if the SessionID
property contained in the request
references a session that has expired.
This will tell you effectively when a new session is being created, regardless of if the user just arrived or the session had expired.
It would be hard to reliably differentiate between both scenarios. I guess you could try to get a hold a the session id in the either the session cookie or embedded in the url (cookieless), but you would need to check it before getting to the above event, and later check whether the request had a session id originally. Check if you can get to the session id in the cookieless version, because it is stripped out of the urls asp.net gives you (not sure if early in the lifecycle you get to see it).
This is often best achieved by using a base Page class for all otehr classes, and implementing this in the Page_Load method.
Use BasePage class, which inherits from Page class. Let every aspx page inherits that BasePage class. In BasePage class, override OnInit event, in which you can check for Session or Cookie, and redirect user to login page (for example).
I use this approach for all mine webforms apps, because it's easy to implement and use.
I have a custom security principal object which I set in the global.asax for the current thread and all is well, no problems normally.
However, I'm just adding a dynamic image feature by having a page serve up the image and whenever that dynamic image page is loaded the System.Web.HttpContext.Current.Session is null in global.asax which prevents me from setting the security principal as normal and cascading problems from that point onwards.
Normally the Session is null in global.asax only once during a session at the start when the user logs in, afterwards it's always available with this single exception.
The dynamic image page is loaded when the browser comes across an image tage in the original page i.e.
I'm guessing that this is some aspect of the fact that the browser is requesting that page without sending some credentials with it?
Any help would be greatly appreciated.
John,
I'm assuming you're using an ashx handler for the handler. If so, be sure to derive from IRequiresSessionState for example:
public class Images : IHttpHandler, System.Web.SessionState.IRequiresSessionState
{ }
If you're not using an ashx can you describe what you mean by dynamic image page?
Josh
in Global.asax.cs Session_Start() and Session_End() you need to use "this.Session" !!
The reason for this is that HttpContext is only available when there is a request that is being processed. That is why you are getting a NULL on HttpContext.Current.Session!
From Microsoft website:
"HttpContext Class: Encapsulates all HTTP-specific information about an individual HTTP request."
But don't feel bad ... i fell for this one too! :)
Session has nothing to do with being logged in or not.
What event are you overriding when you want access to the session? Session isn't available until AcquireRequestState has been fired.
For more information, see: http://msdn.microsoft.com/en-us/library/9ysfzy8h.aspx
yes you are right This happens because the object dependancy might conficts in case of other page transferance parallel which may break down the firewall between sessions