public HttpSession GetHttpSession(HttpContext context)
 {
     HttpSession httpSession = null;
     if (context != null && context.Session != null)
     {
         lock (this.SyncRoot)
         {
             if (_sessions.ContainsKey(context.Session.SessionID))
             {
                 httpSession = GetSession(context.Session.SessionID) as HttpSession;
             }
             else
             {
                 httpSession = new HttpSession(this, context.Session.SessionID);
                 log.Debug(__Res.GetString(__Res.Session_Create, httpSession.Id));
                 httpSession.AddSessionDestroyedListener(this);
                 context.Session[HttpSession.FluorineSessionAttribute] = httpSession.Id;
                 _sessions[context.Session.SessionID] = httpSession;
                 Renew(httpSession, context.Session.Timeout);
             }
         }
     }
     //Session state is not enabled, <sessionState mode="Off"/>
     return httpSession;
 }
 public HttpSession GetHttpSession(HttpContext context, string sessionID)
 {
     // By design: the lock is on session state. Only one request (to the same session) is allowed at the same time.
     // The reason for this is because there is no locking code for accessing an object in session.
     HttpSession httpSession = null;
     if (context != null)
     {
         lock (this.SyncRoot)
         {
             if (_sessions.ContainsKey(sessionID))
             {
                 httpSession = GetSession(sessionID) as HttpSession;
             }
             else
             {
                 httpSession = new HttpSession(this, sessionID);//Never handled as a new Session
                 log.Debug(__Res.GetString(__Res.Session_Create, httpSession.Id));
                 httpSession.AddSessionDestroyedListener(this);
                 _sessions[httpSession.Id] = httpSession;
                 //Renew(httpSession, context.Session.Timeout);
             }
         }
     }
     return httpSession;
 }