StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POIIS7 Session loses its values
primarykey
Id
15490832
data
AcceptedAnswerId
0
AnswerCount
3
ClosedDate
CommentCount
13
CommunityOwnedDate
CreationDate
2013-03-19T03:08:40.363
FavoriteCount
1
LastActivityDate
2014-08-13T05:35:04.400
LastEditDate
2013-03-25T13:59:06.663
LastEditorUserId
1416035
OwnerUserId
1416035
ParentId
0
PostTypeId
1
Score
6
ViewCount
2089
LastEditorDisplayName
text
Body
I've implemented a challenge-response scheme as an Ajax handler. For some reason it stopped working after working fine for a couple months. Investigating the issue showed that <code>Context.Session[KEY]</code> had lost its value between the challenge and the response calls. I put <code>Session_Start</code> and <code>Session_End</code> (and a few other) methods in Global.asax.cs with some logging there and I see a new Session_Start event being fired with the same session ID and there was no Session_End event Question is: why does IIS lose the session values? Update: I tried switching to SQLServer sessions but there was no change in behavior. On rare occasions sessions work as intended, not sure why. I tried all "session losing variables" troubleshooting guides I could find to no effect UPDATE 2: I narrowed down the issue to a missing session cookie, but modifying my.browsers config didn't resolve the issue after several attempts. When I call the ajax handler from a browser the session cookie "ASP.NetSessionId" shows up as expected. I changed the cookie name in IIS settings for both the site and the server to "SessionId" but I kept seeing ASP.NET, even after restarting the server. I would still like to give the bounty to someone who has an idea what's going on. In the meanwhile I worked around this problem by setting a session cookie in code. Pseudo code for Login.ashx: <pre><code>string login = GetParameter("login", context); string passhash = GetParameter("pass", context); string challenge = "" + Context.Session["CHALLENGE"]; if (!string.IsNullOrEmpty(challenge)) { // this is the 'response' part string challengeResponse = Crypto.GetChallengeResponse(Challenge, UserFromDB.PassHash); if (challengeResponse == passhash) { // Great success, challenge matches the response Log.I("Success"); return "SUCCESS"; } else { Log.W("Failed to respond"); return "FAILED TO RESPOND"; } } else { // if passed login or session-stored challenge are empty - issue a new challenge challenge = "Challenge: "+ Crypto.GetRandomToken(); Context.Session["CHALLENGE"] = challenge; Log.I("Sent Challenge"); // this is what's in the log below return challenge; } </code></pre> Here's the log, Session started appears with each call, Session.Keys.Count stays 0 even though Session["CHALLENGE"] should have been set: <pre><code>// This is the challenge request: [] **Session started**: sr4m4o11tckwc21kjryxp22i Keys: 0 AppDomain: /LM/W3SVC/1/ROOT-4-130081332618313933 #44 [] Processing: <sv> **MYWEBSITE/ajax/Login.ashx** SID=sr4m4o11tckwc21kjryxp22i [] Sent Challenge @Login.ashx.cs-80 // this is the response, note that there's another Session started with the same id // and the session didn't keep the value ["CHALLENGE"], there are no session-end events either [] **Session started**: sr4m4o11tckwc21kjryxp22i Keys: 0 AppDomain: /LM/W3SVC/1/ROOT-4-130081332625333945 #93 [] Processing: <sv> **MYWEBSITE/ajax/Login.ashx?login=MYLOGIN&pass=RuhQr1vjKg_CDFw3JoSYTsiW0V0L9K6k6==** [] Sent Challenge @Login.ashx.cs-80 >Session: sr4m4o11tckwc21kjryxp22i </code></pre> web config, sanitized <pre><code><?xml version="1.0" encoding="utf-8"?> <configuration> <configSections>  <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=4.4.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" /> </configSections> <appSettings> <add key="IncludeStackTraceInErrors" value="false" /> </appSettings> <connectionStrings> <add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient" /> <add name="MYConnection" connectionString="metadata=res://*…. and a bunch of other stuff that works" providerName="System.Data.EntityClient" /> </connectionStrings> <system.web> <compilation targetFramework="4.5"> <assemblies> <add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" /> </assemblies> </compilation> <authentication mode="Forms"> <forms loginUrl="~/Account/Login.aspx" timeout="2880" /> </authentication> <membership> <providers> <clear/> <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" /> </providers> </membership> <profile> <providers> <clear/> <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" /> </providers> </profile> <roleManager enabled="false"> <providers> <clear/> <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" /> <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" /> </providers> </roleManager> <pages controlRenderingCompatibilityVersion="4.0" /> </system.web> <system.webServer> <modules runAllManagedModulesForAllRequests="true" /> </system.webServer> <entityFramework> <defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" /> </entityFramework> </configuration> </code></pre>
Tags
<c#><asp.net><asp.net-ajax><session-variables>
Title
IIS7 Session loses its values
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USSten Petrov
UserOwnerUserId
1. USSten Petrov
plurals
PostLinksPostIdRelatedPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
2. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
3. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POIIS7 Session loses its values
 UserUserId
 USSten Petrov
 VoteTypeVoteTypeId
 VTBountyStart
2. VO
 singulars
 PostPostId
 POIIS7 Session loses its values
 UserUserId
 USArcher
 VoteTypeVoteTypeId
 VTFavorite
3. VO
 singulars
 PostPostId
 POIIS7 Session loses its values
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.