problems with WebService EnableSession in VS2005

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

Nadav Popplewell - 15 Feb 2007 08:45 GMT

Hi everybody,

I've got two questions about using the EnableSession property with an
ASP.NET WebService:

First Question:
I'm trying to create a web service with EnableSession=true.
I can't get it to work with VS2005 ( It works with vs2003!).

Here is my testcase:

I created two web services (hosted on IIS on the same computer).
One WebService was created using VS2005:

[WebMethod(EnableSession=true)]
public string GetSessionID()
{
return this.Context.Session.SessionID;
}

The other was created using VS2003:
[WebMethod(true)]
public string GetSessionID()
{
return this.Context.Session.SessionID;
}

Then I created a simple WinForms application (with 1 button and 1 listbox):

public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}

// this is the web reference to the VS2005 web service.
localhost.Service srv=new TestWebServiceSession2.localhost.Service();
CookieContainer cookies=new CookieContainer();
// this is the web reference to the VS2003 web service.
localhost1.Service1 srv1=new
TestWebServiceSession2.localhost1.Service1();
CookieContainer cookies1=new CookieContainer();

private void button1_Click( object sender, EventArgs e )
{
srv.CookieContainer=cookies;
string s=srv.GetSessionID();
listBox1.Items.Add(s);

srv1.CookieContainer=cookies1;
s=srv1.GetSessionID();
listBox1.Items.Add("*"+s);
}
}

When I click on the button the program calls both web services and adds the
session IDs returned to the listbox.
I can see that the VS2003 webservice returns the same session id everytime.
The VS2005 returns a different session ID.

I called the web services from IExplorer when Fiddler running and I see that
the VS2003 web service returns a cookie:
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.1
Date: Thu, 15 Feb 2007 08:34:14 GMT
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Set-Cookie: ASP.NET_SessionId=zbextf45fdert255admh01na; path=/
Cache-Control: private, max-age=0
Content-Type: text/xml; charset=utf-8
Content-Length: 109

<?xml version="1.0" encoding="utf-8"?>
<string xmlns="http://tempuri.org/">zbextf45fdert255admh01na</string>

The VS2005 web service does NOT return a cookie:
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.1
Date: Thu, 15 Feb 2007 08:20:39 GMT
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private, max-age=0
Content-Type: text/xml; charset=utf-8
Content-Length: 109

<?xml version="1.0" encoding="utf-8"?>
<string xmlns="http://tempuri.org/">1l5ccq2mktsfv0342j5hxa45</string>

Am I doing something wrong or is is a problem with ASP.NET 2.0?

Second Question:
The cookie that stores the session id is asp.net specific, right?
So if I need to write a web service (given a WSDL) to work with a certain
application (which I didn't write)
I can't make the web service session enabled because the application will
not send the cookie ?

Thanks,

Nadav

Reply to this Message

Steven Cheng[MSFT] - 16 Feb 2007 02:36 GMT

Hello Nadav,

As for the SessionID problem you meet in ASP.NET webservice call, it is
likely due to the sessionID lazy initializing feature in ASP.NET. For
ASP.NET sessionstate module, it will always assign a random sessionID for
each page request(event of the same client) if you haven't stored any data
in the SessionState. This can avoid allocating unused server-side
sessionstate storage. This has also be mentioned in the ASP.NET session FAQ:

#Understanding session state modes + FAQ
http://forums.asp.net/7504/ShowPost.aspx

Here is the original description picked from the FAQ:

Q: Why does the SessionID changes in every request?
A: This may happen if your application has never stored anything in the
session state. In this case, a new session state (with a new ID) is
created in every request, but is never saved because it contains nothing.

However, there are two exceptions to this same session ID behavior:
- If the user has used the same browser instance to request another page
that uses the session state, you will get the same session ID every time.
For details, see "Why does the SessionID remain the same after the Session
times out?"
- If the Session_OnStart event is used, ASP.NET will save the session state
even when it is empty.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

therefore, for your scenario, your webservice may first store a small
placeholder data into session so as to make the sessionID fixed. You can
try testing it to see whether it works.

Hope this helps some.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead

==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

Reply to this Message

Nadav Popplewell - 18 Feb 2007 07:29 GMT

Hi Steven,

I've tried it, and if I save something in the session then the session ID
remains the same.
So EnableSession=true DOES work with ASP.NET 2.0.
The thing I don't understand is that 'Understanding session state modes +
FAQ' page
last updated date is Sept 21, 2004.
So I would think that the page describes the behaiviour of asp.net 1.1.
However, in the VS2003 web service I got the session ID even if I didn't
save anything in the session.
Oh, Never mind. As long as it works with ASP.NET 2.0..
Thanks for your help.

Nadav

Reply to this Message

Steven Cheng[MSFT] - 19 Feb 2007 03:58 GMT

Thanks for your followup Nadav,

Yes, that FAQ article has been generaetd early at ASP.NET 1.x time. Most of
its implemenation feature and behavior applies for both ASP.NET 1.X and
2.0. For the session ID behvior, it does be consistent between ASP.NET 1.1
and 2.0 application(at least for webform application scenario). For the
webservice proxy of your VS 2003 webservice, I think there may already
exists some data in the server session or the ASP.NET 1.x webservice will
put some placeholder data whenever we enablesession for webservice. So far
I haven't got indepth on this.

Anyway, glad that you've got it working and if there is anything else we
can help, please feel free to post here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead

This posting is provided "AS IS" with no warranties, and confers no rights.

Reply to this Message

Ivo Decae - 02 Mar 2007 22:50 GMT

Hi Steven,

I've come up to this article when searching information on keeping a
webservice 'alive'.

Let's say that we would use a webservice (ASP.NET 2.0 / IIS 5) for
authentication (using soapheaders) and then make further use of other methods
within the same webservice to expose data from our back-end system (where our
ERP/... is running) to our customers.

Would this be a good approach ? And do you know if we could use the session
for keeping the state of the currently authenticated user ?

Thanks for a reply.

Sincerely

Ivo

> Thanks for your followup Nadav,
>
[quoted text clipped - 18 lines]
>
> This posting is provided "AS IS" with no warranties, and confers no rights

Reply to this Message

Rate this thread:

problems with WebService EnableSession in VS2005

Free Magazines