tags:

views:

89

answers:

3
+4  Q: 

How to keep session alive between two calls to a web service in a c# application?

This is quite straight forward.
I'm calling a web-service (.asmx, with session enabled) from a c# application.

I want each call to be with the same session key as the previous one (as opposed to creating a new session key each time).

Here's my (nothing-out-of-the-ordinary) code: 

public string invokeMethod(string methodUrl)
{
 HttpWebRequest req = (HttpWebRequest)WebRequest.Create(methodUrl);
 req.Method = "GET";
 req.ContentLength = 0;
 var result = new StringBuilder();
 using (HttpWebResponse res = (HttpWebResponse)req.GetResponse())
 {
   StreamReader sr = new StreamReader(res.GetResponseStream());
   result.Append(sr.ReadToEnd());
 }
 return result.ToString();
}

Now I want to call it again, in the same session.

Added: Thanks to Waleed's answer, I think I should be doing (after retrieving the session id) something like:
Added once more: This is how it's done:

if (!string.IsNullOrEmpty(currentSessionID))
{
  Cookie cookie = new Cookie("ASP.NET_SessionId", currentSessionID);
  cookie.Domain=myDomain;  //Will not work without this line!
  req.CookieContainer.Add(cookie);  
}

Thanks again.

+1  A: 

If I understand the question correctly, I believe you'll need to get the session cookie from the response (the first time you call the web service) and add it to the request in the subsequent calls.

Edit:

Using CookieContainer is the correct way but be aware that it's null by default so you'll have to to assign a CookieContainer object to the property before making the request (see the example code in the MSDN's article).

As to the cookie name, the default name for ASP.NET session cookie is ASP.NET_SessionId, but the name can be different as it can be changed in web.config, or they might not be using ASP.NET sessions (their own implementation for example), so you'll have to check the cookies you get from the domain of that application (You can use an HTTP sniffer like Fiddler, or more easily if you're using FireFox or Chrome, you can check the names and contents of the cookies you get from that domain in the options dialog box).

Waleed Eissa  2010-10-05 10:43:00
Thanks for the input, I've got a few steps forward but stuck again, please refer to my edit.
Oren A  2010-10-05 10:59:24
Sorry for negative but had to do it. In the surface this looks good. But in reality the session id will be invalid when TCP connection is closed so the session id will be replaced with a new one by the server.
Aliostad  2010-10-05 11:54:18
@Aliostad: I'm not sure if I got exactly what you meant, but it worked for me.
Oren A  2010-10-05 11:57:07
@Aliostad, actually the session id will not change if you send the session cookie to the application. The application will only create another session id if it doesn't find a session cookie in the request.
Waleed Eissa  2010-10-05 12:26:40
@Waleed I will be most surprised if that is the case. It will be a security breach in my view. Do you have a reference for this? But if it is the case, then well done for this level of depth of knowledge. I will check and get back to you.
Aliostad  2010-10-05 12:29:04
Also this will not have the desired effect of keeping the session. if it creates the session id if does not exist. This will mean all the session data has been lost anyway.
Aliostad  2010-10-05 12:30:20
@Aliostad, HTTP is stateless so TCP doesn't affect the application session (it's used for the connection with the server of course). Session expiration is time based in ASP.NET, so you only need to send a cookie that contains a valid session id (for a session that has not yet expired). Even if you send another session id or get another session id issued to you, you still can send an old session id as long as the session has not expired. Of course, this is assuming they use the default ASP.NET sessions, and don't have their own different implementation.
Waleed Eissa  2010-10-05 12:42:30
Just to add, you can also send the session id of an expired session (but of course the the session data will have already been lost). ASP.NET will just create a new session object for that id.
Waleed Eissa  2010-10-05 12:59:18
You are absolutely right. Just being silly :)
Aliostad  2010-10-05 13:01:19
@Aliostad, it's ok mate, it's no big deal :)
Waleed Eissa  2010-10-05 13:53:08
A: 

There is a good discussion of using ASP.NET session state with web services on MSDN here:

http://msdn.microsoft.com/en-us/library/aa480509.aspx

Dave R.  2010-10-05 11:09:30
+1  A: 

From first call, look after ASP.NET_SessionId value in response, this is session Id by default.

Then add it to next call (see below):

http://support.microsoft.com/?kbid=899918

Xaqron  2010-10-05 11:20:54

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?