0

I'm observing a weird situation, and I'm hoping someone has some insight. It's not an ideal situation (trying to support legacy stuff). What I'm observing is illustrated in this example:

I've got one server in my load balanced server pool. In an outer page loaded from the load balanced url, I'm stuffing some values into HttpContext.Current.Session in Page_Load.

On that page is an iframe which loads an inner page from the specific server url (the same server that the load balanced page hit). HttpContext.Current.Session in Page_Load of the inner page does not have the values I just stuffed into it from the outer page.

I used to think it would be specific to the machine per whatever's in the user's cookie. Does HttpContext.Current.Session depend on the url?

Yoh Suzuki
  • 1,435
  • 2
  • 11
  • 15

1 Answers1

1

There are many factors here. First, are you certain that it's loading the url from the same machine? Remember that an iframe is client based, not server based. That means when an iframe loads another page, it too goes through the load balancer, unless you have some mechanism in place to ensure it stays on the same page (sticky sessions, for instance).

Second, is the url you're using for the iframe using the same domain name? Are both using the same transport (http or https)? If any of these are different, it will create a new session for the iframe.

Erik Funkenbusch
  • 92,674
  • 28
  • 195
  • 291
  • Yup, the outer page is aware of the actual server it ended up on, and writes that server's url into the iframe source. I've also only got one server in the pool for the purposes of debugging. – Yoh Suzuki Sep 25 '12 at 18:08
  • However, the load balanced url uses a different subdomain. Will that be a separate session? – Yoh Suzuki Sep 25 '12 at 18:09
  • Yes, it very well could be. However, you can solve that making sure the session cookie domain is looks like this: `.mydomain.com` rather than `mydomain.com`. – Erik Funkenbusch Sep 25 '12 at 18:11
  • Actually, my cookie domain is .mydomain.com, so it should share the session between the different subdomains. It is also the same transport. – Yoh Suzuki Sep 25 '12 at 18:19