1

I want to maintain http request Cookie:ASP.NET_SessionId

  • When user login to Application i can set Cookie:ASP.NET_SessionId
  • When user logout the Cookie:ASP.NET_SessionId should not same as user login

Currently i am getting same Cookie:ASP.NET_SessionId on all pages and i want to generate Cookie:ASP.NET_SessionId on each login.

I did try on Global.asax.cs but nothing is working.

static List<string> sessions = new List<string>();
static object sessionLock = new object();

void Application_SessionStart()
{
    lock (sessionLock) {
        sessions.Add(Session.SessionID);
    }
}

void Application_SessionEnd()
{
    lock (sessionLock) {
        sessions.Remove(Session.SessionID);
    }
}

if (HttpContext.Current.Response.Cookies.Count > 0)
        {
            foreach (string s in HttpContext.Current.Response.Cookies.AllKeys)
            {
                if (s == FormsAuthentication.FormsCookieName || s.ToLower() == "asp.net_sessionid")
                {
                    HttpContext.Current.Response.Cookies[s].Secure = HttpContext.Current.Request.IsSecureConnection;
                }
            }
        }

Please check Attachment

Json-Fighter
  • 47
  • 1
  • 1
  • 10

1 Answers1

0
void regenerateId()
{
    System.Web.SessionState.SessionIDManager manager = new System.Web.SessionState.SessionIDManager();
    string oldId = manager.GetSessionID(Context);
    string newId = manager.CreateSessionID(Context);
    bool isAdd = false, isRedir = false;
    manager.SaveSessionID(Context, newId, out isRedir, out isAdd);
    HttpApplication ctx = (HttpApplication)HttpContext.Current.ApplicationInstance;
    HttpModuleCollection mods = ctx.Modules;
    System.Web.SessionState.SessionStateModule ssm = (SessionStateModule)mods.Get("Session");
    System.Reflection.FieldInfo[] fields = ssm.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance);
    SessionStateStoreProviderBase store = null;
    System.Reflection.FieldInfo rqIdField = null, rqLockIdField = null, rqStateNotFoundField = null;
    foreach (System.Reflection.FieldInfo field in fields)
    {
        if (field.Name.Equals("_store")) store = (SessionStateStoreProviderBase)field.GetValue(ssm);
        if (field.Name.Equals("_rqId")) rqIdField = field;
        if (field.Name.Equals("_rqLockId")) rqLockIdField = field;
        if (field.Name.Equals("_rqSessionStateNotFound")) rqStateNotFoundField = field;
    }
    object lockId = rqLockIdField.GetValue(ssm);
    if ((lockId != null) && (oldId !=null)) store.ReleaseItemExclusive(Context, oldId, lockId);
    rqStateNotFoundField.SetValue(ssm, true);
    rqIdField.SetValue(ssm, newId);
}
Muhammad Rashid
  • 563
  • 1
  • 6
  • 25