We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

Keeping session variables using a datalist and asp:hyperlink

jasondole
jasondole asked
on
Medium Priority
403 Views
Last Modified: 2008-02-01
I am having a problem keeping my session variables when i used a datalist and a hyperlink,
here is my code:
<asp:HyperLink Runat="server" Text="Create" ID=hyperlink Target="_self"  NavigateUrl='<%# "/C.aspx?a=" + DataBinder.Eval(Container, "DataItem.id") %>'></asp:HyperLink>
Comment
Watch Question

If you are bindign them dynamicly, you'll need to bind them again after every postback.

Author

Commented:
my program worked when i used the asp:hyperlinkcolumn, but when i switched to a datalist and used the  asp:hyperlink, it does not, i am using a session variable as a means to tell if the user is logged in or not, is there a way around this?
I need more code to see what is causing the problem. Any chance you could post that?

Author

Commented:
What part of code do you need so i can post it because i am unsure what you are asking for since i thought what i put would be able to answer what is needed, the rest does not deal with what i need to do, what i meant by my last comment was that when i used a datagrid, and used the asp:hyperlinkcolumn my session variables were kept but when i went to a datalist and used the asp:hyperlink, my session variables are lost.  My session variables are set by a control that sets the variable once a person logs in... please let me know so i can provide the correct information....thanks for your help.....

Commented:
How is it that you know your session variables are lost? I assume your datagrid is in one page (perhaps B.aspx) and you are transferring to C.aspx?<anIdNumber>. Then in the Page_Load of C.aspx you are trying to access the session variables and they are coming back as null?

Andy

Author

Commented:
yes, you are correct, i am using my session variables as a way to know if my user is logged on, and every time i access the asp:hyperlink it directs me to my page that i am not logged in, this led me to believe my session variables were not being kept when i went to the new page

Commented:
I would guess that, if your session variables really are disappearing, then you are having problems with the session cookie for your users. Are you using Visual Studio? Could you debug the application and check the session at each point during the login, getting to the datagrid page, redirecting to C.aspx? You could, for instance, put a line in the global.asax Application_AuthenticateRequest method, set a breakpoint on it and check the session contents each time as this will fire at the start of every request.

I would also recommend using Fiddler, which is free (http://www.fiddlertool.com/Fiddler/help/hookup.asp) to examine your requests and check your session cookie is being set , and is staying the same between your requests - especially for the requests where you think the session is being lost.

Is there a reason that you are using Session variables to track your login and not Forms authentication? Forms authentication is very easy to set up, and means that you don't have to worry about maintaining your own authentication, just actually verifying the username/password.

Andy

Commented:
Did you get anywhere with this?

Andy

Author

Commented:
I am using session variable so when somebody uses the login control, we set a session variable to see they are logged in, then every page we check to see if this session variable is set and if it is not set, we redirect them to a page that tells them to log in.  I am not sure how we would accomplish with form authentication??   I haev not been able to find a solution to this problem and the time it is taking i am open to any new ideas on how i could accomplish the same functionality.

Commented:
Forms authentication will do _exactly_ what you say you want to do. All you need to do is specify a line in your application's web.config that states you are using form's authentication, and the login page for the authentication. It will handle the rest, protecting all resources handled by ASP.NET underneath that application directory. On the login page itself, you need to set the forms cookie, and that's it.

An example of the web.config lines are:
            <forms name="appNameAuth" path="/" loginUrl="login.aspx" protection="All" timeout="30"/>

And the C# code to login a user reads:
    // get username and password, check them against the database, if succesful then do:
    FormsAuthentication.SetAuthCookie(strUserName, false);

Andy

Author

Commented:
we are trying to not use cookies to do our authentication, we wanted to make our site cookieless....
Commented:
So you are using cookieless sessionstate, sorry, I didn't realise. If you are using cookieless sessionstate, you have to be _very_ careful when you put url links into a href tags on a page; if you change the case of the text in the link it can fail:
http://support.microsoft.com/?kbid=828330

Does your code look like it might be struggling with case sensitivity in the links?

Andy

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.