How to ensure that session state is NOT shared between applications hosted on the same server
My question is the opposite of the following
Sharing session state between 2 ASP.NET applications using SQL Server and How to maintain the same session id across multiple web applications in ASP.NET.Our application uses state server to store session info and we often want to host several versions of the same application on the same web server.开发者_如何学Go
At the moment, because the ASP.NET_SessionId
cookie is not stored against any path, if I got to http://donkey.com/app1
and start a new session and then, in the same browser session, go to http://donkey.com/app2
, I inherit the session ID (and thus session state) from app1.
Is there a way to cajole ASP.Net to set the path when it stores the session ID cookie and thus break this unwanted sharing of session state?
You'll have to use different cookieName
for each web application in web.config.
The default is "ASP.NET_SessionId".
You can also programmatically set it. Check this post.
You can use subdomains to achieve this. like http://app1.donkey.com and http://app2.donkey.com. By default - cookies are not shared across domains.
Another way to do it is set the cookie name programmatically may be based on some config value which determines which version you are using.
精彩评论