Why can't I share Session state between 2 web apps with StateServer? What am I missing?

Question

I'm having trouble getting 2 identical ASP.NET MVC applications to share the same Session using a Session StateServer. The reason I'm trying to do this is we will eventually be deploying this app across 3 web servers that need to share the same state. We need to use StateServer because we are trying to minimise use of the db for non data-related storage.

The Setup:

I've deployed the same code base to http://localhost/App1 and http://localhost/App2

both have identical Web.Config files with the following:

<system.web>
<sessionState mode="StateServer" 
              cookieless="false" 
              timeout="20" 
              stateConnectionString="tcpip=127.0.0.1:42424" />
              //stateConnectionString="tcpip=192.168.1.52:42424" /> // also doesn't work
<machineKey 
  validationKey="8B9F68D0CC730F6F046D0173021C34B1A0D9A01C21D8E4D4A7A1DFF38332DEE8CBBAFEA503C18776614EE9D4F7EEA7E5D2D5571630547D822485A27B1EF53AC1"
  decryptionKey="60009563EFCFC594FD1BC46684943AA398EE70412A624B2EB488BBB071F15ECF"
  validation="SHA1" decryption="AES" />

I used this tool to generate these machine keys

The Test:

I put the following into one of my Controllers to test if it was working:

ViewData["mode"] = requestContext.HttpContext.Session.Mode.ToString();

string timestamp = DateTime.Now.ToString();
if (requestContext.HttpContext.Session["timestamp"] == null)
{
    requestContext.HttpContext.Session["timestamp"] = timestamp;
}

ViewData["timestamp"] = requestContext.HttpContext.Session["timestamp"].ToString();
ViewData["realtime"] = timestamp;

with this in the view:

<p>
    Mode: <%= ViewData["mode"].ToString() %>
</p>
<p>
    Time: <%= ViewData["timestamp"].ToString() %>
</p>
<p>
    real time: <%= ViewData["realtime"].ToString() %>
</p>

The Result:

For both deployments, when the page first loads I can see that the mode is StateServer and the timestamp is getting set to the same time as the realtime value.. However, if this was working, only the first page should have the same time as the realtime value. The second page load should read from the StateServer because that timestamp value is no longer null, and display that time value. But instead, it's displaying the realtime value again.

When I refresh the page, I the timestamp stays the same and the realtime value is always updating. This indicates that the timestamp is being saved to the Session, but the time stamp value is always different for both deployments when it should be the same, so this indicates that the Session is not being shared.

Can somebody point out if I'm doing something wrong or if there's something else I need to do to get this to work? Thanks

Answer 1

By default session cannot be shared between different applications. From what I can see you have two distinct applications App1 and App2 which run in separate virtual directories and probably even separate application pools, so don't expect to share session between them.

As always there are workarounds that you may find useful. As you can see it's using a hack (reflection) to circumvent ASP.NET team designer's determination to not expose certain classes and properties and make our life as developers difficult.

Answer 2

Update: Here is a previous post I answered on this same topic Sharing sessions across applications using the ASP.NET Session State Service

As already pointed out, Session data is scoped to the application. That is the Application you create in IIS. So two applications with the same session id will not be sharing the same session because of the application scoping.

As an alternative idea that might or might not be feasible for you. You can create a root application and have the code for D:\App1 and D:\App2 in two subfolders.

d:\Root
  web.config
  \App1
     default.aspx
     ...
  \App2
     default.aspx
     ...

Then in IIS you create an Application pointing to d:\Root.

You can also create an Application in IIS and then under the Application you create two virtual directories, one pointing to D:\App1 and the other to D:\App2, then they can also share a single web.config at the Application level. It is critical that the two virtual directories are just virtual and not created as Applications.

So you harddisk layout might look something like this

D:\Root
  web.config

D:\App1
  default.aspx
  ...

D:\App2
  default.aspx
  ...

Create the root application pointing to D:\Root and then under the application create the two virtual directories App1 pointing to D:\App1 and App2 pointing to D:\App2.

The effect in both cases is that you actually have one application split into two sections, both in the same Session scope therefore the code for both can share the same session data.

Answer 3

You also have to make sure that the application path for the app has to be the same on both web servers. There is an old article here that might help

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q325056

We are currently experiencing a similar problem, except that we are using IIS 7.5 and the application paths are hidden to us (does not use the metabase anymore). Does anyone know a way of troubleshooting this with IIS 7.5?

Answer 4

I've answered a similar question with sharing states, it might at least give an idea. This requires SQL for the state and not state server so I'm not sure how helpful it will be.