Sharing Session between webservice and asp.net application

5
votes

I have an asp.net application and webservices (asmx) that reside in the same application but not in the same folder of the aspx files. I aslo have a winform application that uses the webservices. I have marked the webservice methods with [WebMethod(EnableSession = true)] but I am not able to share the same session values that are on the application in the webservices. The winform application has access to the sessionID from the application and I am using the following code

Uri uri = new Uri(ServerServiceUrl);
_cookieContainer = new CookieContainer();
_cookieContainer.Add(new Cookie("ASP.NET_SessionId", SessionID, "/", uri.Host));

My question is: Is there something that I am missing or doing wrong that I cannot access the application sessioin from the webservices?

2
asp.netsessionweb-servicesc#-2.0sharing
Why do you need sessions in a webservice? Are you storing any temporary state? In which case, IMO services should be stateless & by this, your problem would not exist...Sunny
Agreed, you'll need to think of webservices like static classesPierreten
My aspx services, just like the application, talk to java webservices and when the application calls the services it caches the values for a period of time. Instead of calling the java services over and over again I want to use the data that has been cached by the application. Hence why I want to share the session.Alex Mendez

2 Answers

1
votes

I cannot shed any light as to why you are not able to have the winforms app "hijack" the session - what you are doing looks like it should do exactly what you want.

I wanted only to suggest that you use the application cache (to cache the response from you java service) instead of the user's session store. This has the following advantages: -

  • a) If the cached information is applicable to more than an individual user (e.g. access controlled), then the same cached information can be used for several users and not fetched for each session.
  • b) You have more control over how long things are cached for / when they are scavenged than you get with session data (which just lives for the lifetime of your session and has the danger of growing and growing if you forget to delete old information)
  • c) If you do not manage to get your session hijacking working, you can still access data in the cache from any session.
0
votes

Have you tried inheriting your webservice class from System.Web.SessionState.IRequiresSessionState ?

It's normally used for http handlers, but webservices seem to use the same marker interface.