Why can't I share Session state between 2 web apps with StateServer? What am I missing?

Question

I'm having trouble getting 2 identical ASP.NET MVC applications to share the same Session using a Session StateServer. The reason I'm trying to do this is we will eventually be deploying this app across 3 web servers that need to share the same state. We need to use StateServer because we are trying to minimise use of the db for non data-related storage.

The Setup:

I've deployed the same code base to http://localhost/App1 and http://localhost/App2

both have identical Web.Config files with the following:

<system.web>
<sessionState mode="StateServer" 
              cookieless="false" 
              timeout="20" 
              stateConnectionString="tcpip=127.0.0.1:42424" />
              //stateConnectionString="tcpip=192.168.1.52:42424" /> // also doesn't work
<machineKey 
  validationKey="8B9F68D0CC730F6F046D0173021C34B1A0D9A01C21D8E4D4A7A1DFF38332DEE8CBBAFEA503C18776614EE9D4F7EEA7E5D2D5571630547D822485A27B1EF53AC1"
  decryptionKey="60009563EFCFC594FD1BC46684943AA398EE70412A624B2EB488BBB071F15ECF"
  validation="SHA1" decryption="AES" />

I used this tool to generate these machine keys

The Test:

I put the following into one of my Controllers to test if it was working:

ViewData["mode"] = requestContext.HttpContext.Session.Mode.ToString();

string timestamp = DateTime.Now.ToString();
if (requestContext.HttpContext.Session["timestamp"] == null)
{
    requestContext.HttpContext.Session["timestamp"] = timestamp;
}

ViewData["timestamp"] = requestContext.HttpContext.Session["timestamp"].ToString();
ViewData["realtime"] = timestamp;

with this in the view:

<p>
    Mode: <%= ViewData["mode"].ToString() %>
</p>
<p>
    Time: <%= ViewData["timestamp"].ToString() %>
</p>
<p>
    real time: <%= ViewData["realtime"].ToString() %>
</p>

The Result:

For both deployments, when the page first loads I can see that the mode is StateServer and the timestamp is getting set to the same time as the realtime value.. However, if this was working, only the first page should have the same time as the realtime value. The second page load should read from the StateServer because that timestamp value is no longer null, and display that time value. But instead, it's displaying the realtime value again.

When I refresh the page, I the timestamp stays the same and the realtime value is always updating. This indicates that the timestamp is being saved to the Session, but the time stamp value is always different for both deployments when it should be the same, so this indicates that the Session is not being shared.

Can somebody point out if I'm doing something wrong or if there's something else I need to do to get this to work? Thanks

Answer 1

Actually you can share sessions using Sql server mode.

Try this:-

I just changed the procedure i.e.

USE ASPState
GO

ALTER PROCEDURE dbo.TempGetAppID
    @appName tAppName,
    @appId int OUTPUT
AS

    -- start change

    -- Use the application name specified in the connection for the appname if specified
    -- This allows us to share session between sites just by making sure they have the
    -- the same application name in the connection string.
    DECLARE @connStrAppName nvarchar(50)
    SET @connStrAppName = APP_NAME()

    -- .NET SQLClient Data Provider is the default application name for .NET apps
    IF (@connStrAppName <> '.NET SQLClient Data Provider')
        SET @appName = @connStrAppName

    -- end change

SET @appName = LOWER(@appName)
SET @appId = NULL

SELECT @appId = AppId
FROM [ASPState].dbo.ASPStateTempApplications
WHERE AppName = @appName

IF @appId IS NULL BEGIN
BEGIN TRAN 

SELECT @appId = AppId
FROM [ASPState].dbo.ASPStateTempApplications WITH (TABLOCKX)
WHERE AppName = @appName

IF @appId IS NULL
BEGIN
EXEC GetHashCode @appName, @appId OUTPUT

INSERT [ASPState].dbo.ASPStateTempApplications
VALUES
(@appId, @appName)

IF @@ERROR = 2627 
BEGIN
DECLARE @dupApp tAppName

SELECT @dupApp = RTRIM(AppName)
FROM [ASPState].dbo.ASPStateTempApplications 
WHERE AppId = @appId

RAISERROR('SQL session state fatal error: hash-code collision between applications ''%s'' and ''%s''. Please rename the 1st application to resolve the problem.', 
18, 1, @appName, @dupApp)
END
END

COMMIT
END

RETURN 0 
GO

and then modified web.config as:-

<sessionState mode="SQLServer" sqlConnectionString="Data Source=.;Integrated Security=True;Application Name=TEST" cookieless="false" timeout="20"></sessionState>
   <httpRuntime targetFramework="4.5"/>

You have to add Application Name and that have to be the same for all the application for which you want to share the same session.

Thanks.

Answer 2

Update: Here is a previous post I answered on this same topic Sharing sessions across applications using the ASP.NET Session State Service

As already pointed out, Session data is scoped to the application. That is the Application you create in IIS. So two applications with the same session id will not be sharing the same session because of the application scoping.

As an alternative idea that might or might not be feasible for you. You can create a root application and have the code for D:\App1 and D:\App2 in two subfolders.

d:\Root
  web.config
  \App1
     default.aspx
     ...
  \App2
     default.aspx
     ...

Then in IIS you create an Application pointing to d:\Root.

You can also create an Application in IIS and then under the Application you create two virtual directories, one pointing to D:\App1 and the other to D:\App2, then they can also share a single web.config at the Application level. It is critical that the two virtual directories are just virtual and not created as Applications.

So you harddisk layout might look something like this

D:\Root
  web.config

D:\App1
  default.aspx
  ...

D:\App2
  default.aspx
  ...

Create the root application pointing to D:\Root and then under the application create the two virtual directories App1 pointing to D:\App1 and App2 pointing to D:\App2.

The effect in both cases is that you actually have one application split into two sections, both in the same Session scope therefore the code for both can share the same session data.

Answer 3

By default session cannot be shared between different applications. From what I can see you have two distinct applications App1 and App2 which run in separate virtual directories and probably even separate application pools, so don't expect to share session between them.

As always there are workarounds that you may find useful. As you can see it's using a hack (reflection) to circumvent ASP.NET team designer's determination to not expose certain classes and properties and make our life as developers difficult.