Background
- We have one website running on IIS 6 (Win2003 Server) using .NET 3.5: site1.mysite.local
- We have a second website running on IIS 7 (Win2008 Server) using .NET 4.0: site2.mysite.local
On each site, the web.config contains the StateServer and the same machineKey:
<sessionState mode="StateServer" stateConnectionString="tcpip=STATESRV01:42424" />
<machineKey decryptionKey="EDCDA6DF458176504BBCC720B4E29348E252E652591179E2" validationKey="CC482ED6B5D3569819B3C8F07AC3FA855B2FED7F0130F55D8405597C796457A2F5162D35C69B61F257DB5EFE6BC4F6CEBDD23A4112C4519F55185CB5EB3DFE61"/>
We also have a PostRequestHandlerExecute Event Handler to modify the "NET_SessionId" cookie to have the same root domain and path.
cookie.Domain = ".mysite.local";
cookie.Path = "/";
In the global.asax file, we have the following code to modify the App Name in the Application_Start event:
protected void Application_Start(object sender, EventArgs e)
{
string applicationName = "mysiteapp";
// Change the Application Name in runtime.
FieldInfo runtimeInfo = typeof(HttpRuntime).GetField("_theRuntime",
BindingFlags.Static | BindingFlags.NonPublic);
HttpRuntime theRuntime = (HttpRuntime)runtimeInfo.GetValue(null);
FieldInfo appNameInfo = typeof(HttpRuntime).GetField("_appDomainAppId",
BindingFlags.Instance | BindingFlags.NonPublic);
appNameInfo.SetValue(theRuntime, applicationName);
}
Result
Both sites return the same Session ID, but when we try to set a session value on site1, site2 does not return a value.
Site 1 (site1.mysite.local) Result
Session ID (Session.SessionID): a55jnfcscxd3f0hnwoik02pp
Session Value: True
Site 2 (site2.mysite.local) Result
Session ID (Session.SessionID): a55jnfcscxd3f0hnwoik02pp
Session Value:
Question
From my understanding, the State Server keys the session off of a combination of the SessionID cookie, the machine key, and the app name which we have tried to update so its the same across both sites. The problem is, the session value is not shared across the websites.
Why don't you use the SQL Server mode for Session State?
We might have to but we were hoping to use our State Server instead.
Has anyone had success with State Server with multiple web applications across multiple servers?