youritstaff
asked on
.net Session.SessionID same on different computers
We are having an issue with Session.SessionID not getting a new ID for multiple users. A few users from different IP locations get the same Session.SessionID causing wrong Session Variable values to be returned. One computer is getting the same ID between Chrome and IE.
The server was restarted and the computers are still receiving the same SessionID. We changed from SQL Server Session to InProc Sessions and the same SessionID is still being generated for the same users.
We are just setting Sessions Variables and Not using forms authentication as this is being handled separately.
The server is Windows 2012 with IIS 8.0.
Please let me know if you need additional information.
The server was restarted and the computers are still receiving the same SessionID. We changed from SQL Server Session to InProc Sessions and the same SessionID is still being generated for the same users.
We are just setting Sessions Variables and Not using forms authentication as this is being handled separately.
The server is Windows 2012 with IIS 8.0.
Please let me know if you need additional information.
kaufmed
Is your server behind a load balancer or reverse proxy?
ASKER
Yes, behind load balancer. But we have it directing to one server since this issue has started.
If you remove the load balancer from the equation altogether, do you still experience the issue?
ASKER
I'm checking with the infrastructure group to see if they can make that happen. Have you seen issues like this in the past with SessionIDs and Load Balancers?
I haven't, but another team in my group had issue with session hijacking. I double-checked with them, and their issue turned out to be related to AppFabric, though.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.