Login/Register
Keeping a related ASP.NET application's session alive from another ASP.NET application
Asked Answered
Solved jqueryasp.netasp.net-mvcsessioncross-application
W

1

6

I have 2 applications running on the same domain. The flow goes like so:

  1. Application 1
  2. Application 1 -> Application 2
  3. Application 2 -> Application 1

Application 1 is WebForms (asp.net framework 2.0), Application 2 is ASP.NET MVC 3 (framework 4.0)

While the user is on Application 2, I'd like to keep the session alive on Application 1.

While building Application 1, we built in a "KeepSessionAlive.ashx" handler that simply does Session("KeepSesssionAlive") = DateTime.Now() when requested, as described in this article. We did this because this is an assessment application and during some of the harder parts of test, a user might need a long time before they choose an answer. Here is the code:

Public Class KeepSessionAlive : Implements IHttpHandler, IRequiresSessionState  

    Public Sub ProcessRequest(ByVal context As HttpContext) Implements IHttpHandler.ProcessRequest
        context.Session("KeepSessionAlive") = DateTime.Now                           
    End Sub

    Public ReadOnly Property IsReusable() As Boolean Implements IHttpHandler.IsReusable
        Get
            Return False
        End Get
    End Property   

End Class

Then, I simply call this handler periodically within Application 1 using jQuery: $.post("KeepSessionAlive.ashx", null, function() { });

So, I figured I could call that same handler from Application 2 using $.ajax(), I even looked into using jsonp, but this doesn't seem to be working. I wrote code to log all the session variables from KeepSessionAlive.ashx to a file, and even to return stuff via jsonp response, and the data looked right.

However, doing a test in which I lingered in Application 2 long enough for Application 1's session to expire and then trying to do the transition from Application 1 -> Application 2, when I reach the return page in Application 1 I'm greeted with an System.NullReferenceException: Object reference not set to an instance of an object. error because I'm trying to reference one of the objects in Session. The only value in session is Session("KeepSessionAlive"). I assume this is because it created a new session, but if that's the case, why were my tests that logged the session values showing all of Application 1's session variables?

Are there any other methods I can use to keep Application 1's Session alive while the user is filling out the forms in Application 2?

Wombat answered 12/4, 2011 at 23:10 Comment(2)
Do the applications share an application pools or are they isolated? If they are isolated, does each app have a "KeepSessionAlive.ashx" or is the one in Application 1 the only one?Gilud
@Chris Pebble - They are on isolated application pools (Application 1 is a 2.0 framework app, Application 2 is 4.0). Only Application 1 has the "KeepSessionAlive.ashx"Wombat
Q
7

Make a page on each site, thats reload a small image time to time.
Now instead of the image, you load a handler that return the image.

<img id="keepAliveIMG" width="1" height="1" src="/img/ui/spacer.gif?" alt="" /> 

<script language="javascript" type="text/javascript"> 
    var myImg = document.getElementById("keepAliveIMG");

    if (myImg){
        window.setInterval(function(){
              myImg.src = myImg.src.replace(/\?.*$/, '?' + Math.random());
            }, 6000);
    }   
</script>

Then use an iframe inside your applications that load the other application page with the image reload. Or in general use an iframe, because with iframe you can keep the cookies updates from 2 diferent sites.

<iframe src="application2.aspx" width="0" height="0"></iframe>

Related : Reset session timeout without doing postback in ASP.Net

Quarterhour answered 13/4, 2011 at 0:46 Comment(10)
Thanks! This did work, but I wound up calling my KeepSessionAlive.ashx handler at an interval, rather than a .gif, from my KeepSessionAlive.aspx page (both on Application 1). Appliation 2 just appended the iframe to the body with the src set to to Application1/KeepSessionAlive.aspx.Wombat
@Wombat yes the image calling is not 100% garandy that trigger the session, but the aspx is trigger it for sure. The trick on your solution is the iframe.Quarterhour
@Quarterhour will this work is these applications are cross domain?Drusy
@PawanPillai do you have 2 servers that needs to be alive or one? If you have two, you must call both of them. If the one, calls the other from the page, then this is not works for cross domain, you must call both servers with a script. This is call only one using this trick.Quarterhour
@Quarterhour I have 2 servers, site1.com and site2.com. I login on site1.com and open a link to site2.com (opens in a new tab). This is single sign-on, so user go directly into logged in page on site2.com. Now user remains on site2.com for most of the time, navigates around and site2.com's session remains active. But after my web.config timeout, site1.com timeouts. Because these are different domains, I enabled CORS on site1.com, so its able to receive JS based calls from site2.com. But still my site1.com session timeouts. [to be continued in next comment..]Drusy
[..continued] So I was wondering this only works if both sites are on same domain like a.site1.com and b.site1.com or this approach works for cross domain sites like site1.com and site2.com.Drusy
@PawanPillai No its not works for cross sites as it is. You need some how to add it on both sites. Also check this similar solution (one site, need two times to add it) #13998278Quarterhour
@Quarterhour please explain what you mean by "you need to add it on both sites"? I have code access to both sites. Currently I am adding this javascript code in site2.com which calls site1.com (site1.com's session we need to keep alive). So, can you explain what I need to do on site1.com (when you say I need to add it on both sites?). My user is constantly on site2.com, so site2.com's session does not expires. It's site1.com which expires because user works on site2.com for long and site1.com's browser tab remains idle. Any pointers will help.Drusy
@PawanPillai Each site needs to make a request so the cookie will update the time of expires. This request can be done by calling a non-visible image, or call a handler with cookies enabled. This is the way you keep the session – with one call to update the cookie expire parameter. Because each sites have different cookies, you need to make a call to both sites, so both cookies will be updated on the client side. Cookies are connected with session on server side, but also with the login cookie on client side. Cookies will update session and login time on each call -Quarterhour
@Quarterhour thanks for responding to so many comments. I would clarify something here based on your last comment (and please ignore responding if this comment chain is getting longer). In my case, user is active on site2.com (user is navigating around, moving between screens on site2.com). So site2.com's session does not expire. And I am calling a hidden page/handler of site1.com from site2.com's javascript every 5 mins. So I don't think I need to do any hidden thing on site2.com to keep site2.com's cookies alive. Let me know your thoughts. My main concern is cross domain, and site1.com expires.Drusy

© 2022 - 2024 — McMap. All rights reserved.