How to generate a unique session id for an ASP.NET application

<< Don't call into the CLR from SQL Server | Home | Moving on from Radio >>

It is often useful to be able to track a user session through your ASP.NET application whilst avoiding the use of server-side session state. The following code generates a session cookie on the first request which will then be propagated to subsequent requests until you either clear the cookie or the user closes their browser.

using System;
using System.Web;
namespace Sample {
 public class SessionModule : IHttpModule {
  #region IHttpModule Members
  public void Init(HttpApplication context) {
   context.AuthenticateRequest +=
     new EventHandler(OnAuthenticateRequest);
  }
  public void Dispose() { }
  #endregion


  #region Event Handler
  private void OnAuthenticateRequest(object sender,EventArgs e) {
   HttpContext ctx = HttpContext.Current;
   HttpCookie cookie = ctx.Request.Cookies["SampleSession"];
   if(cookie==null) {
    ctx.Response.Cookies.Add(
     new HttpCookie("SampleSession",Guid.NewGuid().ToString()));
   }
  }
  #endregion
 }
}

You then need to add the HttpModule into the application in your web.config file as follows:

<httpModules>
  <add
    type="Sample.SessionModule,SampleSession"
    name="SessionIdentification"
  />
</httpModules>

where SampleSession is the name of the assembly that the class is compiled into.

posted on Friday, May 23, 2003 11:45 AM |

Comments have been closed on this topic.