Solved

ASP.NET - Change session cookie name from asp.net_sessionid

Posted on 2004-03-31
7
4,629 Views
Last Modified: 2009-11-06
Hi,

I want to use the built in session management of ASP.NET, BUT I want the cookie name to be changed from asp.net_sessionid to something of my choosing.

Is there a way in the framework configuration or ASP.NET code that I can force the name of the session cookie from "asp.net_sessionid" to some other name?

Can it be done?

Thanks,

Mike
0
Comment
Question by:mchallis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 12

Expert Comment

by:dfiala13
ID: 10727267
No.  That is what it is named.  It is created by the SessionStateModule. If you could override this module then you could potentially rename it, but the class cannot be inherited.

You can, of course write your own class to based on IHttpModule to do your own session management and name your cookie anything you want, but that means you don't get to use the built-in session state features.
0
 

Author Comment

by:mchallis
ID: 10727734
Could I implement my own HttpModule / pipeline that renames my cookie to asp.net_sessionid on the way in and rename asp.net_sessionid the way out so that the browser deals with my cookie name but the framework sees the original name?

If this can be done, does anyone have any examples?
0
 
LVL 12

Expert Comment

by:dfiala13
ID: 10727756
You could potentially could, but one wonders why you would go through the trouble to rename a cookie.
0
 

Author Comment

by:mchallis
ID: 10727818
True, but humour me.

It is to do with an existing infrastructure (web load balancers, proxies and a web farm) that uses the session cookie to give "sticky" sessions.  But the session cookie it looks for has to be of a predined name (pre ASP.NET).

Therefore if I can rename the ASP.NET cookie, the users session gets tied to one web server and proxy, otherwise it bounces around on each request.

Cheers,


Mike
0
 
LVL 12

Accepted Solution

by:
dfiala13 earned 500 total points
ID: 10727946
Ah, I see.
Why rename the cookie, why not just create a cookie in an HttpModule with the proper name and set its value to the value in the ASP.NET approved session cookie.

Here's a little background on how Session IDs work in ASP.NET (don't mind the ad and the classic ASP stuff)

http://builder.com.com/5100-6373-1044890.html

Here's a link to MS's example custom HttpModule,  which actually should get you close .  Instead of returning a message in Application_EndRequest  simply add on your cookie to the Response.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconcustomhttpmodules.asp
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question