Menu
I have a Download page with links to files stored locally on the web server. All is well when a user opens a text file, but when they open an Office file and choose "Open" from the resulting dialog in IE or Firefox, ASP creates a new session.
My simplified controller method is:
<HttpGet()>
<AppAuthorize(Domain.Security.TransactionId.Download)>
Public Function Download(fileName As String) As ActionResult
' fileName example: C:\ProgramData\MyCompany\MyApp\SomeFile.txt
Return New FilePathResult(fileName, "application/octet-stream")
End Function
Debugging shows that as soon as you click "Open" in the browser, the Global.asax Session_Start() event is triggered.
If you Save the file and then view it in IE a new session is not created. It is only a problem if you click the Open button as pictured above.
Why is this and how can I prevent it?
The core problem is that when my app sees a new session started and the user has a valid Forms Authentication cookie, it assumes IIS restarted and deletes the user's cookie. So every time a user opens a Word doc they get logged out of the app.
800
When a DOC link is clicked in Internet Explorer, it hands it off to Word. This means that Word does the downloading, not IE. Because of this, there is a new "browser connection" made and a new session will be created because it's not actually IE doing the downloading.
84
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
