tags:

views:

136

answers:

1
Q: 

Setting Path and Expiration for session cookie in asp.net

Anything I have tried didn't work. Currenly I have following code to change asp.net session cookie expiration date and path, but asp doesn't want to listen to me. I sends same cookie in Set-Cookie header two times sometimes, sometimes it sends it's default cookie ignoring path and expiration date, sometimes it sends everything as expected, and sometimes it doesn't send Set-Cookie at all. What should I do. This drives me nuts :(

My code in Global.asax

protected void Application_PreRequestHandlerExecute(Object sender, EventArgs e)
{
  /// only apply session cookie persistence to requests requiring session information
  if (Context.Handler is IRequiresSessionState || Context.Handler is IReadOnlySessionState)
  {
    var sessionState = ConfigurationManager.GetSection("system.web/sessionState") as SessionStateSection;
    var cookieName = sessionState != null && !string.IsNullOrEmpty(sessionState.CookieName)
      ? sessionState.CookieName
      : "ASP.NET_SessionId";

    var timeout = sessionState != null
      ? sessionState.Timeout
      : TimeSpan.FromMinutes(20);

    /// Ensure ASP.NET Session Cookies are accessible throughout the subdomains.
    if (Request.Cookies[cookieName] != null && Session != null && Session.SessionID != null)
    {
      Response.Cookies[cookieName].Value = Session.SessionID;
      Response.Cookies[cookieName].Path = Request.ApplicationPath;
      Response.Cookies[cookieName].Expires = DateTime.Now.Add(timeout);
    }
  }
}
+1  A: 

Maybe if you try using the system call, and not direct change the cookies..

HttpContext.Current.Session.Timeout = 20;

update

After your comments, and from what you say to me, is that you try to use the same cookie, for 2 different applications, and set different time outs. But asp.net can keep only one session for every cookie. To solve that you must use 2 different named cookies, and not different cookie path.

On each application directory, on web.config, change the 

<sessionState cookieName="AppSessionCookieName" ..>

Reference for more infos
http://msdn.microsoft.com/en-us/library/h6bb9cz9.aspx

Hope this solve the problem.

Aristos  2010-03-25 08:03:51
what about path?
Sergej Andrejev  2010-03-25 08:27:16
The path is OK. I have different instance of same application on same domain. I wan't to set path to allow them to work side by side without changing each other session. Request.ApplicationPath looks good to me too. It's not physical path as I can see so far. It returns something like "/MyApplication" or "/" depending on how it's configured in IIS, but I could as well store this value in Web.Config if I suspect Request.ApplicationPath don't provide what I expect. For now it's not a problem where to get this path but how to pass it to browser.
Sergej Andrejev  2010-03-25 10:00:10
Also I found what was an error. On ITest server I had <sessionState timeout="1" /> and it expired too quickly. I couldn't see that on my dev machine because I had different web.config here. But the question about Path is still valid.
Sergej Andrejev  2010-03-25 10:01:33
I guess I found answer to Path question myself.private static HttpCookie CreateSessionCookie(string id){ HttpCookie cookie = new HttpCookie(Config.CookieName, id); cookie.Path = "/"; cookie.HttpOnly = true; return cookie;}
Sergej Andrejev  2010-03-25 10:09:03
Ok, my error about path, I update my answer
Aristos  2010-03-25 10:11:01

related questions

Autosizing Textarea
Regular expression for parsing links from a webpage?
What are good tools for creating compiled HTML help files (.chm)?
Looking for WYSIWYG HTML editor
Any reason not to start using the HTML 5 doctype?
HTML comments break down
HTML Comments Markup
Setting a div's height in HTML with CSS
Wrapping lists into columns
Is a "Confirm Email" input good practice when user changes email address?
<XMP> Tag
HTML version choice
Options for HTML scraping?
How do you disable browser Autocomplete on web form field / input tag?
How do I make a checkbox toggle from clicking on the text label as well?
Html CSS Editor
Wordpress theme development offline tools
How do I give my web sites an icon for iPhone?
In HTML, how to word-break on a dash?
Detecting font in JavaScript
How do you test layout design across multiple browsers/OSs?
How do I print an HTML document from a web service?
Multiple submit buttons on a HTML form
How can I determine a web user's time zone?
Why doesn't the percentage width child in absolutely positioned parent work in IE7?