"Session State can be used only when enableSessionState set true" Exception when calling a protected file

1
votes

I've protected a directory on my asp.net website (using location deny properties in web.config).

It works fine when i try to call an aspx page in this directory (refused). But if i try to call a static file (ex: logo.gif), i get this exception "Session State can be used only when enableSessionState set true".

I don't understand the relationship between a gif file and a directory protection.
Has anyone already solved this problem?

Updated: I'm using a cms system (DotNetNuke). The cms is attached with a URL Rewriting Module (iFinity URL Master). 

<!-- Forms or Windows authentication -->
<authentication mode="Forms">
<forms name=".DOTNETNUKE" protection="All" timeout="60" cookieless="UseCookies" />
</authentication>
<!-- ... -->
<location path="Install">
<system.web>
  <authorization>
    <deny users="*" />
  </authorization>
</system.web>
</location>

Thanks you.

1
asp.netexceptionlocationdotnetnukesession-state
Post a bit more code. I can't get this error. What kind of auth do you use? What version of .net do you use?Denis Agarev
I've edited my question, hope it helps. I'm using .net 4.Laurent Finet-Baron

1 Answers

0
votes

This is a very old question, but the answer is that the 404 page is probably being tripped by the request. It's likely that you would need to exclude the request from being rewritten by the Url Rewriter, so that it doesn't throw a 404 error.

I have also heard that the exception you are getting is related to the page caching settings.