Login/Register
ASP.NET Generic Handlers & Session
Asked Answered
Solved c#jqueryasp.netsessiongeneric-handler
T

4

19

I have an issue with GenericHandler and anonymousIdentification.

Basically if <anonymousIdentification enabled="true" /> is turned on in the web config, whenever a JQuery GET/POST request is sent to the server, that request executes under a new user and a new user session.

Is there a way to mitigate this? I need to access the current user's session variables... It is really frustrating!

Tameika answered 3/2, 2011 at 17:26 Comment(5)
I have not checked it but i think if you are sending a jQuery GET req. from Client then it is handled in the current user context.. check with fiddler are the ASP.net session cookie same for both normal and jquery requestOsmond
So if you turn off anonmyous ID it works? Are you using Forms auth? Can you turn off anon for that particular path in the web.config?Digenesis
I will try and see if this works @drachenstern. You are wrong @Shekhar_Pro. I store user data in the session; one value is UserRegistratinoState. If I come from a page where the user has just registered the enum value in the session is UserRegistrationState.Registered. I have verified this. However, when I call the handler from js on the another page, the first line of code in the handler checks that session variable. If the variable doesn't exist it automatically returns UserRegistrationState.Anonymous. I think it's safe to assume that Get requests from JQuery are executing under a new user.Tameika
What's happening is they're not sending the cookie back to the server.Digenesis
so how do I mitigate this? which cookie do I send? and how do I send it?Tameika
D
42

Generic handlers must implement the IReadOnlySessionState interface to access session variables. If you also need to write session variables, implement IRequiresSessionState.

Desmond answered 3/2, 2011 at 17:58 Comment(3)
I will try this in a moment. Thanks @Josh StodolaTameika
Should read: public class MemberHandler:IHttpHandler,IRequiresSessionStateQuantifier
I had problem that handler didn't send back the session cookie if request to handler was the first to the website (no actual session id) and I thought that when IReadOnlySessionState derives from 'IRequireSessionState` that will be enought. But I really had to use IRequireSessionState explicitly . Thanks for that post.Clarance
C
13

Implement the System.Web.SessionState.IRequiresSessionState interface:

public class Handler : IHttpHandler, System.Web.SessionState.IRequiresSessionState 
{   
  public void ProcessRequest(HttpContext context)  
  {      
    context.Session["StackOverflow"] = "overflowing";      
    context.Response.Redirect("~/AnotherPage.aspx");      
  }

}
Churchy answered 19/9, 2012 at 12:23 Comment(1)
i want to get session values in generic handler to upload image against primary key that i have stored in session, i am using jquery image upload plugin and it binds all properties on document ready. i used iRequiresSessionState in my handler code but still i can't access session values. session keys are still 0. can anyone tell me about this?Minesweeper
F
3

You can use this:

public class Handler : 
    IHttpHandler, 
    System.Web.SessionState.IReadOnlySessionState
Fates answered 20/6, 2012 at 1:32 Comment(0)
C
-1

I suggest in the web browser you enable the network tab in the developer mode. Then check in the AJAX which cookie is sent (if any).

If you do not see any cookie, it means the browser did not get any session, thus you should make sure (as stated by Josh) to inherit the right interface and access the cookie. (Don'f forget to use System.Web.SessionState)

In order to generate the cookie, access the session object's sessionID:

string sesId = context.Session.SessionID;

Before you write anything to the response.

Conradconrade answered 29/11, 2011 at 12:0 Comment(1)
-1 It is very possible and plausible to have cookieless session state, and accessing the identifier certainly does not "generate" the cookieDesmond

© 2022 - 2024 — McMap. All rights reserved.