ASP.NET 2.0 ViewState Persistence

Ugh.  I have 2 pages:  a login page and a report page.  When user 1 logs in they see a treeView and a gridView that updates based on the node a user chooses in the treeView.  Now, the problem is that when user 1 logs out and then user 2 logs in they get all of user 1's data in the 2 controls, even though the controls seem to be binding to user 2's data as expected.  I'm having a tough time with this.  I'm assuming this has something to do with the viewstate and/or HTTPContext, but I can't lick it and I'm in a real hurry to get this fixed.  
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Raju SrivatsavayeSoftware EngineerCommented:
Can we see how you are saving the data viewstate/http../session??
thrillingryanAuthor Commented:
Page Properties:
<%@ Page Language="C#" Async="true" EnableViewState="false" AutoEventWireup="true" CodeFile="InspectionReports.aspx.cs"
    Inherits="InspectionReports" Trace="true" %>

TreeView Properties:
            <asp:TreeView ID="TreeView1" runat="server" ImageSet="Arrows" Width="120px" EnableViewState="false"
                OnSelectedNodeChanged="TreeView1_SelectedNodeChanged1"   AutoGenerateDataBindings="False" PopulateNodesFromClient="false" EnableClientScript="false">

Page Load:
      protected void Page_Load(object sender, EventArgs e)
            if (!IsPostBack)
                  ViewState["ContactId"] = getContactId();  <---  I check this and its getting the correct value...
                  XmlDocument _xmlDoc = new XmlDocument();
                  XmlDataSource xds = new XmlDataSource();
                  _xmlDoc = ReportPermissionsCollection.ToXML(Int32.Parse(ViewState["ContactId"].ToString()));

                  xds.Data = _xmlDoc.InnerXml; <--- this is getting the correct data, too!
                  TreeView1.DataSource = xds;
                  TreeView1.DataBind();  <----  Why am I getting the previous user's data here?  ...Or am I?

                  ServiceName.Text = "Your newest reports:";
thrillingryanAuthor Commented:
Also, from my web.config:

<sessionState mode="InProc" cookieName="WEBREPORTING" cookieless="UseCookies" ></sessionState>
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

Raju SrivatsavayeSoftware EngineerCommented:
why dont you try doing this:

in the beginning of the page load..
thrillingryanAuthor Commented:
Didn't work.  So Wierd! Even if it did, then that would be just the treeview and I'd still have to deal with the gridview... plus it would be a hack and I need to figure out what the real problem is here. I guess I'm gonna have to educate myself on the state persistence behavior of these controls.  If this wasn't tested before release, users would totally be getting other users data presented to them - a huge security problem.  Using ASP.NET everything looks so cool and easy until you start really getting into things then to become so complicted.  There's probably one little setting or a simple line of code I need to add, but it could be any number of things. ggrrr...  so frustrated.  Please, doesn't anyone have a clue?

thrillingryanAuthor Commented:
OK... So I enable tracing on the application level (in the web.config) and when I hit the logout link (while logged in as user 1), the section titled "ControlTree" still outputs data about the controls that were used after being logged in (see below).  How can I clear the ControlTree state data?

Control UniqueID Type Render Size Bytes (including children) ViewState Size Bytes (excluding children) ControlState Size Bytes (excluding children)
__Page ASP.default_aspx 5300 0 0
    ctl02 System.Web.UI.LiteralControl 175 0 0
    ctl00 System.Web.UI.HtmlControls.HtmlHead 46 0 0
        ctl01 System.Web.UI.HtmlControls.HtmlTitle 33 0 0
    ctl03 System.Web.UI.LiteralControl 14 0 0
    form1 System.Web.UI.HtmlControls.HtmlForm 5045 0 0
        ctl04 System.Web.UI.LiteralControl 10 0 0
        Panel1 System.Web.UI.WebControls.Panel 1962 0 0
            ctl05 System.Web.UI.LiteralControl 15 0 0
            ftcLogoImage System.Web.UI.WebControls.Image 95 0 0
            ctl06 System.Web.UI.LiteralControl 20 0 0
            Login1 System.Web.UI.WebControls.Login 1745 0 0
                Login1$ctl00 System.Web.UI.WebControls.Login+LoginContainer 1745 0 0
                    Login1$ctl01 System.Web.UI.WebControls.ChildTable 1745 0 0
                        Login1$ctl10 System.Web.UI.WebControls.TableRow 1554 0 0
                            Login1$ctl11 System.Web.UI.WebControls.TableCell 1537 0 0
                                Login1$ctl02 System.Web.UI.WebControls.Table 1525 0 0
                                    Login1$ctl12 System.Web.UI.WebControls.LoginUtil+DisappearingTableRow 168 0 0
                                        Login1$ctl13 System.Web.UI.WebControls.TableCell 147 0 0
                                            Login1$ctl03 System.Web.UI.WebControls.Literal 27 0 0
                                    Login1$ctl14 System.Web.UI.WebControls.LoginUtil+DisappearingTableRow 0 0 0
                                        Login1$ctl15 System.Web.UI.WebControls.TableCell 0 0 0
                                            Login1$ctl04 System.Web.UI.WebControls.Literal 0 0 0
                                    Login1$ctl16 System.Web.UI.WebControls.LoginUtil+DisappearingTableRow 302 0 0
                                        Login1$ctl17 System.Web.UI.WebControls.TableCell 75 0 0
                                            Login1$ctl05 System.Web.UI.WebControls.LabelLiteral 47 0 0
                                        Login1$ctl18 System.Web.UI.WebControls.TableCell 210 0 0
                                            Login1$UserName System.Web.UI.WebControls.TextBox 90 0 0
                                            Login1$UserNameRequired System.Web.UI.WebControls.RequiredFieldValidator 111 0 0
                                    Login1$ctl19 System.Web.UI.WebControls.LoginUtil+DisappearingTableRow 304 0 0
                                        Login1$ctl20 System.Web.UI.WebControls.TableCell 74 0 0
                                            Login1$ctl06 System.Web.UI.WebControls.LabelLiteral 46 0 0
                                        Login1$ctl21 System.Web.UI.WebControls.TableCell 213 0 0
                                            Login1$Password System.Web.UI.WebControls.TextBox 94 0 0
                                            Login1$PasswordRequired System.Web.UI.WebControls.RequiredFieldValidator 110 0 0
                                    Login1$ctl22 System.Web.UI.WebControls.LoginUtil+DisappearingTableRow 177 0 0
                                        Login1$ctl23 System.Web.UI.WebControls.TableCell 160 0 0
                                            Login1$RememberMe System.Web.UI.WebControls.CheckBox 134 0 0
                                    Login1$ctl24 System.Web.UI.WebControls.LoginUtil+DisappearingTableRow 0 0 0
                                        Login1$ctl25 System.Web.UI.WebControls.TableCell 0 0 0
                                            Login1$FailureText System.Web.UI.WebControls.Literal 0 0 0
                                    Login1$ctl26 System.Web.UI.WebControls.LoginUtil+DisappearingTableRow 466 0 0
                                        Login1$ctl27 System.Web.UI.WebControls.TableCell 449 0 0
                                            Login1$LoginLinkButton System.Web.UI.WebControls.LinkButton 0 0 0
                                            Login1$LoginImageButton System.Web.UI.WebControls.ImageButton 0 0 0
                                            Login1$LoginButton System.Web.UI.WebControls.Button 409 0 0
                                    Login1$ctl28 System.Web.UI.WebControls.LoginUtil+DisappearingTableRow 0 0 0
                                        Login1$ctl29 System.Web.UI.WebControls.TableCell 0 0 0
                                            Login1$ctl07 System.Web.UI.WebControls.Image 0 0 0
                                            Login1$CreateUserLink System.Web.UI.WebControls.HyperLink 0 0 0
                                            Login1$ctl30 System.Web.UI.LiteralControl 0 0 0
                                            Login1$ctl08 System.Web.UI.WebControls.Image 0 0 0
                                            Login1$PasswordRecoveryLink System.Web.UI.WebControls.HyperLink 0 0 0
                                            Login1$ctl31 System.Web.UI.LiteralControl 0 0 0
                                            Login1$ctl09 System.Web.UI.WebControls.Image 0 0 0
                                            Login1$HelpLink System.Web.UI.WebControls.HyperLink 0 0 0
            ctl07 System.Web.UI.LiteralControl 10 0 0
        ctl08 System.Web.UI.LiteralControl 6 0 0
    ctl09 System.Web.UI.LiteralControl 20 0 0
thrillingryanAuthor Commented:
Ok... so I was able to create a simpler version of the same website.  So far, it's not happening on the new version.  I'm going to try to reproduce it.
thrillingryanAuthor Commented:
OK... case closed.  I was able to reproduce it.  Its all in the web.config as far as I can tell;  The RoleManagementProvider was causing it.  When I removed the following code from the production site, the problem disappears:

<roleManager enabled="true">
<remove name="AspNetSqlRoleProvider"/>
<add connectionStringName="ConnectionString" applicationName="/" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>

Wierd.  Maybe a bug?
Closed, 500 points refunded.
The Experts Exchange
Community Support Moderator of all Ages

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.