Multiple Classic ASP SessionID's when using both AJAX and standard HTML POST requests.

Question

I'm using Classic ASP and a bit of AJAX to post the contents of a form back to the page on which the AJAX form lives. Upon AJAX POST the page saves one of those fields (email, to be specific) into a Session variable. The user then goes about their business - perhaps requesting the page again via normal HTTP.

However, this leaves my browser (Firefox 3.0.6) with TWO ASPSESSIONxxxx cookies - I assume one for the AJAX request and one for the standard HTTP call.

This causes the page (which relies upon the Session var) to select either ASP Session ID at random from the two that have been created - one with the Session var set and one without.

I've dealt with this before in PHP and Flash, and you can SET the Session ID in PHP, but not in ASP.

Is there any ASP-specific way to counteract this behavior - or should I just give up and use cookies? :)

Answer 1

I think there might be something else going here.

I threw together a quick example that I think is doing what you're describing and the sessions appear to be behaving.

<%@ LANGUAGE=VBSCRIPT %>
<% if Request.Form("curid") = "" then %>
<html>
    <head>
        <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.0.3/prototype.js"&gt;&lt;/script&gt;

        <script type="text/javascript">
            Event.observe(window, 'load', function() {
                Event.observe($('sessiontest'), 'click', function(event) {
                    Event.stop(event);

                    new Ajax.Request( 'test.asp', {
                        method:  'POST',
                        parameters:  {'curid':  $('curid').value},
                        onSuccess:  function(response) {
                            window.location = 'test.asp';
                        },
                        onFailure:  function() {
                            alert('FAIL!');
                        }
                    });
                });
            });
        </script>
    </head>
    <body>
            <p><input type="text" id="curid" value="<%=Session("curid")%>" /></p>
            <p><a href="#" id="sessiontest">Save ID to Session</a></p>
    </body>
</html>
<% 
else
    Session("curid") = Request.Form("curid")
    Response.write "I was called via POST"
end if 
%>

I'm also Windows w/ FF 3.0.6.

Answer 2

Ben,

I'm pretty certain, (while I have not confirmed for sure) that double asp sessions are the result of a worker process (application pool) assigned to more than 1 virtual host on the same server. Any chance that is the case in your environment?

I stumbled across this page as I am just about ready to debug and deploy a classic asp ajax implementation whereas this is a concern I wanted to investigate before even doing so.

Also default ASP Session behavior has changed throughout the generations of windows servers (however not sure about how it works in XP/Vista implements of IIS).

My post is a little bit dated by two months, did you get this situation resolved? And curious what Server environment/IIS you are testing/using with your situation.