Asp.Net Forms Authentication, Cached User Control and Session ID

I faced the following problem that i wanted to share with you, I have a user control that populates a menu to be shown to the user, the menu is populated based on the user privileges. i wanted to cache this user control so that the menu population logic won't run for every page request, so i decided to cache the output of the user control based on the SessionID, to do this i added the following attribute to the control

<%@ OutputCache Duration="1" VaryByCustom="Session" VaryByParam="None" %>

the VaryByCustom attribute allows you to vary the cached output by your defined string, having specifying the "Session" as my defined string i had to override the HttpApplication.GetVaryByCustomString method in the Global.asax file

Overrides Function GetVaryByCustomString(ByVal context As HttpContext, ByVal custom As String) As String
 If custom = "Session" Then
 Return Session.SessionID
Else
 Return ""
 End If
 End Function

The function simply returns the session id so that the user control is cached for this user session only, until now everything is working perfectly, and the menu user control is cached correctly.

later on i added a Logout LinkButton

Protected Sub lnk_Click(ByVal sender As Object, ByVal e As System.EventArgs)

System.Web.Security.FormsAuthentication.SignOut()
Session.Abandon()
Response.Redirect("~/Admin/default.aspx")

End Sub

The code is supposed to log out the user and cleans the session, i expected that the cached user control to be ignored a new version to show but the user control is still showing the cached version, for some unknown reason the Asp.Net is still returning the same session id although the Session.Abandon method should create a new session object.

after googling a little i found this knowledge base article and this blog entry that describe the problem and the solution, the solution was to explicitly remove the asp.net cookie that stores the session id

Protected Sub lnk_Click(ByVal sender As Object, ByVal e As System.EventArgs)
System.Web.Security.FormsAuthentication.SignOut()
Session.Abandon()
Response.Cookies.Add(New HttpCookie("ASP.NET_SessionId", ""))
Response.Redirect("~/Admin/default.aspx")
End Sub

Hope this helps :)

Technorati tags:

Comments

Post a Comment

Popular posts from this blog

Documentum DQL Query Custom Data Extension For SQL Server Reporting Services

When it comes to Reporting SQL Reporting Services is my favorite choice. SQL Reporting Services has a plenty of data source types but unfortunately Documentum is not one of them, whenever we have to develop some reports based on the data in Documentum we first develop a web service that contains the necessary DQL queries and returns the result in a Data Set, then we create an XML data source that consumes this web service and use it in our reports. Fortunately SQL Reporting Services allows you to extend its data access capabilities by developing a custom data extension (CDE)that retrieves data from your custom data source. I developed a Custom Data Extension for Documentum that allows you to specify a Documentum Repository as a data source and provide your DQL query that will populate your report, I used the Reporting Services SDK Sample (FsiDataExtension) and this Article as starting points You can download the extension from here To install the extension: you have to install the ex
Read more

Portable Class Library Projects and MVVM Light

Image
With Portable Class Library Projects you can create a single library that can target different platforms (e.g. Windows Phone, .Net, Windows Store Apps). For most of the modern apps it’s kind of mandatory to use the MVVM pattern, a famous MVVM library is Laurent Bugnion MVVM Light library. In this post we will walk through the steps needed to create a Portable Class Library that uses the MVVM Light library and targets the Windows Phone 8 and .Net for Windows Store Apps frameworks. I will be using Visual Studio 2012 with Update 3. - Let’s create a new Portable Class Library project and name it MyApp.Core, the solution name will be MyApp - We will target the Windows Phone 8 and .Net for Windows Store Apps - We will create two applications, the first is a Windows Store Blank Application named MyApp.Win8 and the second is a Windows Phone 8 named MyApp.WP8 - We will add a reference to the Portable Class Library Project MyApp.Core to the Windows Store Project and the
Read more

Using taco to create Ionic projects for the Windows platform

Image
Recently Microsoft released Tools for Apache Cordova Command Line Interface (TACO CLI), by using TACO, you can quickly start building awesome Apache Cordova apps really and leave all the plumbing of the different platforms dependencies, plugins, etc. to the tools to take care of. For example the following few commands create a cordova project based on the ionic base template, add the android platform to the project, install the platform requirements, build the app, and run it in the emulator: $ taco create sampleApp --template https://github.com/driftyco/ionic-app-base $ cd sampleApp $ taco platform add android $ taco install-reqs android $ taco build android $ taco emulate android Check the TACO home page of for installation instructions and more information http://taco.tools/ . I ran into a problem when i created a new project based on the ionic base template and tried to run it on a windows 8.1 emulator, to reproduce the issue use the following taco commands to cr
Read more