Has anyone ever eperienced session's being shared application wide?
My MVC application has the vanilla setup but for some reason, my sessions are being shared.
I didn't really think about it when I could switch between FF and IE and maintain a logged in state but now, I've noticed that I can switch machines too.
My web.config doesn't have anything in to setup the session state, so I assumed it was cookie based but it seem it's not.
Has anyone ever experienced this before and if so, how did you resolve it?
FYI: I'm running it on Server 2003 IIS6.
Thanks all!!
Gav
Well would you believe it... Stupid static variables...
I thought by using a static private variable that it would help me by not doing as much work when getting the data, but as it seems, it was the root of evil. (doctor evil pinky)
Thanks everyone!
** NOTE THIS IS HOW NOT!! TO DO IT **
public class UserHelper
{
private static UserSession _session;
public static UserSession Session
{
get
{
// If we already have the session, don't get it
// from the session state
if (_session == null)
{
// Attempt to get the session from the
// session state
_session = GetUserSessionFromSession(HttpContext.Current.Session);
if (_session == null)
{
// Create a new session object
_session = new UserSession();
}
}
return _session;
}
set
{
// Set the local value
_session = value;
// Add the object to the session state
HttpContext.Current.Session["SMEUser"] = _session;
}
}
public static void Logout()
{
Logout(HttpContext.Current.Session);
}
public static void Logout(HttpSessionState session)
{
_session = null;
session.Clear();
}
public static UserSession GetUserSessionFromSession(HttpSessionState session)
{
// Get the session from the session state
UserSession us = session["SMEUser"] as UserSession;
return us;
}
}