Sneal - Sharing Session Between Web Apps via Configuration

Wednesday, June 27, 2007

« Really Good Code Comments | Main | Remotely Enabling Remote Desktop From th... »

Sharing Session Between Web Apps via Configuration

Sometimes you want to share session between web apps, not just between web servers. By default you cannot do this with the SQL Server session state provider because it keeps differently named applications session's separate. To allow this, we can modify the TempGetAppID sproc in the ASPState database. Most solutions I've seen to this just override the sproc and allow ALL web apps using this database to share session, or they are hardcoded to look for specific app names. Neither of these options was appealing, and worse yet the second option wasn't even viable when using the builtin Visual Studio 2005 web server.

The solution I came up with was to use the connection string "Application Name" as the appName. If you are familiar with SQL Profiler you will recognize this. By default all .NET applications report they have an application name of ".NET SQLClient Data Provider" unless you have overridden it in the connection string. This allows me to pool sessions between web applications conditionally through a configuration change, that even works on the built-in Visual Studio 2005 web server (webdev.webserver.exe). Here's the new sproc:

    USE ASPState
GO

ALTER PROCEDURE dbo.TempGetAppID
    @appName tAppName,
    @appId int OUTPUT
AS

    -- start change

    -- Use the application name specified in the connection for the appname if specified
    -- This allows us to share session between sites just by making sure they have the
    -- the same application name in the connection string.
    DECLARE @connStrAppName nvarchar(50)
    SET @connStrAppName = APP_NAME()

    -- .NET SQLClient Data Provider is the default application name for .NET apps
    IF (@connStrAppName <> '.NET SQLClient Data Provider')
        SET @appName = @connStrAppName

    -- end change

SET @appName = LOWER(@appName)
SET @appId = NULL

SELECT @appId = AppId
FROM [ASPState].dbo.ASPStateTempApplications
WHERE AppName = @appName

IF @appId IS NULL BEGIN
BEGIN TRAN

SELECT @appId = AppId
FROM [ASPState].dbo.ASPStateTempApplications WITH (TABLOCKX)
WHERE AppName = @appName

IF @appId IS NULL
BEGIN
EXEC GetHashCode @appName, @appId OUTPUT

INSERT [ASPState].dbo.ASPStateTempApplications
VALUES
(@appId, @appName)

IF @@ERROR = 2627
BEGIN
DECLARE @dupApp tAppName

SELECT @dupApp = RTRIM(AppName)
FROM [ASPState].dbo.ASPStateTempApplications
WHERE AppId = @appId

RAISERROR('SQL session state fatal error: hash-code collision between applications ''%s'' and ''%s''. Please rename the 1st application to resolve the problem.',
18, 1, @appName, @dupApp)
END
END

COMMIT
END

RETURN 0
GO

ASP.NET

Wednesday, June 27, 2007 7:34:09 PM (GMT Standard Time, UTC+00:00)

Disclaimer | Comments [5] | Related posts:
Odd ASP.NET 404 Error
ASP.NET MVC Beta1 + IronPython Sample = HttpParseException
Yep, CSS is Case Sensitive
VS 2008 Web Settings
Quote of the Day
Unit Testing JavaScript with WatiN

Wednesday, January 07, 2009 11:50:25 PM (GMT Standard Time, UTC+00:00)

Hey, I was looking high and low for just this information. It really helped. Thanks a lot!

Alex

Friday, May 22, 2009 6:52:34 PM (GMT Standard Time, UTC+00:00)

Hi,

I added a Application Name in session connection string and changed the SP TempGetAppID as mentioned. It only works when you have the same URL like:
http://localhost:2001/;http://localhost:2002/ (I setup these two web sites on the local in different Application Pool, point to the same code base).

It doesn't work for http://dev.mysite.com:2001/ and http://localhost:2002/.

I can see the AppName in ASPStateTempApplications (I put "test" as AppName)

Anyone can help? I am using Asp.net 2.0

Thank you in advance for the help.

Dexian

dexian

Friday, May 22, 2009 6:59:48 PM (GMT Standard Time, UTC+00:00)

I forgot to mention:

ASP.NET_SessionId was different when you use different domain.

dexian

Saturday, May 23, 2009 5:20:16 PM (GMT Standard Time, UTC+00:00)

Yes, the session sharing changes I made only work on the same domain/URL; the common scenario being a load balanced web farm. If you want to use different domains you'll have to make further changes, it might be easier to come up with your own custom session caching mechanism.

Sneal

Thursday, July 30, 2009 3:01:57 PM (GMT Standard Time, UTC+00:00)

Dexian,

Did you find a solution to this problem? We are in the same boat here.

This always seems to run into cross domain scripting blocking, with cookies not available across domains (the age old security restriction).

Our next path will be to mess around with URL based session IDs to be able to pick it up this way, while we wait for answers from a couple of 3rd party software vendors (Alachisoft and Scaleout software).

Following that we are into some rather expensive rebuilds, such as manual session management or reverting back to older server technology.

Let me know if you have had any luck.

Thanks,
Chris

cbouet

Name
E-mail	(will show your gravatar icon)
Home page

	Remember Me
Comment (Some html is allowed: `a@href@title, strike`) where the @ means "attribute." For example, you can use <a href="" title=""> or <blockquote cite="Scott">.
Enter the code shown (prevents robots):
Live Comment Preview

On this page....