views:

147

answers:

2

So, here's the deal. I've got two ASP.NET applications, both of which use SQLServer Session State management. They also both use the same server. I've got a custom session class in an external DLL, which fully implements serialization, and which both applications have referenced. Each application, in turn, has a class which inherits from the DLL class, and both applications use their own respective classes for their session state.

Now, what I was trying to accomplish was that if you wanted to go to the other application, it could look in the session (they all use the same session key) and treat the existing object there as the base (the one from the DLL), extract whatever login info you need, then overwrite the session object with your own. Unfortunately, when the second application attempts to read the session, it seems that it looks for the DLL of the first application, and when it can't find it, it throws an exception.

Is there a flaw in my logic?

Here's an example:

// Global.asax of the 1st app  
protected void Session_Start(object sender, EventArgs e)  
{  
    Session.Add(  
        "UserSessionKey",  
        new FirstUserSession()); // FirstUserSession inherits from BaseUserSession  
}

Now the second application:

// Global.asax of 2nd app
protected void Session_Start(object sender, EventArgs e)
{
    if (Session["UserSessionKey"] != null)
    {
        BaseUserSession existing = (BaseUserSession)Session["UserSessionKey"];

        SecondUserSession session = new SecondUserSession(); // This also inherits from BaseUserSession

        session.Authenticated = existing.Authenticated;
        session.Id = existing.Id;
        session.Role = existing.Role;

        Session.Add("UserSessionKey", session);
    }
    else
    {
        Session.Add("UserSessionKey", new SecondUserSession());
    }
}

Here's the exception stack trace. In this case, "MyCBC" is the real name of the first app, and "ASPTesting" is the second app.

[SerializationException: Unable to find assembly 'MyCBC, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'.]
   System.Runtime.Serialization.Formatters.Binary.BinaryAssemblyInfo.GetAssembly() +1871092
   System.Runtime.Serialization.Formatters.Binary.ObjectReader.GetType(BinaryAssemblyInfo assemblyInfo, String name) +7545734
   System.Runtime.Serialization.Formatters.Binary.ObjectMap..ctor(String objectName, String[] memberNames, BinaryTypeEnum[] binaryTypeEnumA, Object[] typeInformationA, Int32[] memberAssemIds, ObjectReader objectReader, Int32 objectId, BinaryAssemblyInfo assemblyInfo, SizedArray assemIdToAssemblyTable) +120
   System.Runtime.Serialization.Formatters.Binary.ObjectMap.Create(String name, String[] memberNames, BinaryTypeEnum[] binaryTypeEnumA, Object[] typeInformationA, Int32[] memberAssemIds, ObjectReader objectReader, Int32 objectId, BinaryAssemblyInfo assemblyInfo, SizedArray assemIdToAssemblyTable) +52
   System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryObjectWithMapTyped record) +190
   System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryHeaderEnum binaryHeaderEnum) +61
   System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run() +253
   System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage) +168
   System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage) +203
   System.Web.Util.AltSerialization.ReadValueFromStream(BinaryReader reader) +788
   System.Web.SessionState.SessionStateItemCollection.ReadValueFromStreamWithAssert() +55
   System.Web.SessionState.SessionStateItemCollection.DeserializeItem(String name, Boolean check) +281
   System.Web.SessionState.SessionStateItemCollection.get_Item(String name) +19
   System.Web.SessionState.HttpSessionStateContainer.get_Item(String name) +13
   System.Web.SessionState.HttpSessionState.get_Item(String name) +13
   ASPTesting._Default.Page_Load(Object sender, EventArgs e) in C:\Documents and Settings\sarsstu\My Documents\Projects\Testing\ASPTesting\ASPTesting\Default.aspx.cs:20
   System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14
   System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35
   System.Web.UI.Control.OnLoad(EventArgs e) +99
   System.Web.UI.Control.LoadRecursive() +50
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +627

Thanks to everyone in advance.

A: 

exisiting isn't a baseusersession, it is a firstusersession cast as a baseusersession. As such it could be potentially cast back to a firstusersession, which only exists in the mycbc assembly.

Ben Robinson