.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links


Posted By:      Posted Date: April 14, 2011    Points: 0   Category :ASP.Net

Is it possible to save the sessionid in a cookie so that they remain for ever kept?
This would require a kind of protection to prevent fraud.
For the next login of another user I could search for sessionid in order to verify if a user has ever been registered or registering on the site.

View Complete Post

More Related Resource Links

Getting SessionID from channel


I need to set ASP.NET_SessionId in order to dowload a file from server.

I use the following code

IContextChannel mychannel = (IContextChannel)myService;
using (OperationContextScope scope = new OperationContextScope(mychannel))
  res = myService.DoSomething();
  System.ServiceModel.Channels.MessageProperties messageProperties = System.ServiceModel.OperationContext.Current.IncomingMessageProperties;
  if (messageProperties.Count > 0)
    HttpResponseMessageProperty httpResponseMessageProperty = (HttpResponseMessageProperty)messageProperties[HttpResponseMessageProperty.Name];
  if (httpResponseMessageProperty != null)
  sessionCoookie = httpResponseMessageProperty.Headers[System.Net.HttpResponseHeader.SetCookie];

It works fine if I use basicHttpBinder.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;

But when I use windows authentication (basicHttpBinder.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;), there are 2 message responses.

The first one HTTP/1.1 401 Unauthorized with "Set-Cookie: ASP.NET_SessionId=sa34zv55sndjgq55fqzaw5ii; path=/; HttpOnly", I can see it in Fiddler and the second one with "WWW-Authenticate: Negotiate oYGgMIGdoAMKAQChCwYJKoZIgvcS

What is the Regex pattern of SessionId

Hi asp.net 4.0 I wonder what the Regex pattern for session id is?

sessionID in some search engines coming in lower case (s( - bombing out

Is it possible to ignore case on the sessionID?  Is it useful/secure to do so?  I have a bothersome search engine hitting my site with session id's that have a lower case "s" in the ID, so it looks like - (s( -  at the beginning of the id, rather than - (S( -   It's filling up my error handling database with page not found because of it!  Does anyone have any good suggestions on how I might fix this?  Thanks bunches!

SessionID is coming in with lowercase 's'


Normally, when my server gets an invalid sessionID on the url it rewrites it.  However (several?) search engine(s) are sending requests to my server with a lower case in the session number, where there is normally an upper case S.  So for example

(s(vou3fq454gk3fbrncrmk1bmj)) will not just rewrite the sessionID and keep going, but

(S(vou3fq454gk3fbrncrmk1bmj)) WILL rewrite the sessionID and keep going without an error.

This is filling up my database and making it hard for me to use it effectively, plus, I would just like it to work.

Is there any way for it is not care if that first '(s(' is lower case?  Or is there a way for IIS to cope with this in an efficient manner?

Thanks for any suggestions.

How do I keep an unique SessionID between my AppWeb and webService


Hello friends I need your help,

I have a simply appWeb (C# VS2008), it make some calls to different webServices, then each one the WS and the appWeb keep logging constantly your activity in a file text. This files contains the sessionID like the follow example:

[Time] | [SessionID] | [Source] | [Message]

9.00 | oha5rl45slcbyd55r3uicq55   | AppWeb | LoginUser

9.01 | oha5rl45slcbyd55r3uicq55   | AppWeb | OpenPage test.asmx

9.02 | oha5rl45slcbyd55r3uicq55   | AppWeb | ClosePage test.amx

9.02 | oha5rl45slcbyd55r3uicq55   | AppWeb | Invoke webService uno.asmx

9.03 | ddgodn455qdvcl45nfurbb45 | WebService uno | Create DB

9.03 | ddgodn455qdvcl45nfurbb45 | WebService dos | Receive call to method getObjects()

How to get session by SessionID. ( uploadify)


Hi, I'm using the "Uploadify" tool to upload images in my asp.net mvc app.  This tool sends sends an ajax post to to an action methiod named "SaveImage(....)" on my server.   The problem I'm having is that there is a flash bug where I loose access to the session within my "SaveImage(...);  I need to be able to see what account is trying to upload an image

   I should be able to send the SessionId to my SaveImage function.  Is there a way to get a session by SessionId.  I'd like to do something like this:

SaveImage(string SessionId, HttpPostedFileBase FileData)



    string AccountId = (string)Session["AccountID"];



SessionID changes on page refresh.



I need to insert a SessionID into a database (along with other values). I'm getting the session ID simply by using Session.SessionID.

To test this, I've just assigned this to the text property of a label in a page.

Whenever I hit F5, the SessionId in the Label changes.

It is my understanding that the Session Id should remain the same until the browser is closed.

Am I wrong?

I need the SessionID linked to this browser session - a value which remains static until the browser is closed.

Best way to do this?


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend