Session Variables assigned to the wrong session?

Hi all,


I have an ASP.net application in which I keep the user login in session
variables.

Today, with two users accessing simultaneously the application (in
different sessions, but accessing the same page), I noticed that in some
postbacks the returned page was not the one that the user was working; the
data of the form are of the other user.

At first, I thought that it was some problem with the cache of the server -
I'm still not certain if it isn't -, but some operations in the system
depends on the login stored in session variables, and following these
operations I'm sure that the login session variable has changed with the
wrong page returned by the server.

I'm sure that this problem is not related with session expiration, in some
cases it occurs just some seconds after the login. After the "session
change", if I force postbacks by clicking in controls or links in my
application, the login session variable returns to the correct value.

Does anyone know what is happening? Any help or suggestion will be
appreciated.
Thanks in advance,


Fabrício de Novaes Kucinskis.

Fabrício,

i have seen this happen when using an external proxy/cache server i front of
the
server running the asp.net web application.

The problem was the proxy server did not differentiate between different
ID's used in the
VaryByParams property on our page.

Check with your ISP to see what type of proxy server they are using and what
type of
caching regime it uses.


--

Best regards,
Geir Aamodt
geir.aamodt(AT)bekk.no

"Fabrício de Novaes Kucinskis" <abstrat (AT) uol (DOT) com.br> wrote

Quote:

Hi all,


I have an ASP.net application in which I keep the user login in session
variables.

Today, with two users accessing simultaneously the application (in
different sessions, but accessing the same page), I noticed that in some
postbacks the returned page was not the one that the user was working; the
data of the form are of the other user.

At first, I thought that it was some problem with the cache of the
server - I'm still not certain if it isn't -, but some operations in the
system depends on the login stored in session variables, and following
these operations I'm sure that the login session variable has changed with
the wrong page returned by the server.

I'm sure that this problem is not related with session expiration, in some
cases it occurs just some seconds after the login. After the "session
change", if I force postbacks by clicking in controls or links in my
application, the login session variable returns to the correct value.

Does anyone know what is happening? Any help or suggestion will be
appreciated.
Thanks in advance,


Fabrício de Novaes Kucinskis.