/// <summary>
/// Event handler for HttpApplication.AcquireRequestState
/// </summary>
/// <param name="source"></param>
/// <param name="args"></param>
private void OnAcquireRequestState(object source, EventArgs args)
{
acquireCalled = true;
HttpApplication app = (HttpApplication)source;
HttpContext context = app.Context;
bool isNew = false;
SessionItem sessionData = null;
bool supportSessionIdReissue;
sessionIdManager.InitializeRequest(context, false, out supportSessionIdReissue);
var sessionId = sessionIdManager.GetSessionID(context);
if (sessionId != null)
{
sessionData = GetSessionItem(sessionId);
}
else
{
bool redirected, cookieAdded;
sessionId = sessionIdManager.CreateSessionID(context);
sessionIdManager.SaveSessionID(context, sessionId, out redirected, out cookieAdded);
if (redirected)
{
return;
}
}
if (sessionData == null)
{
// Identify the session as a new session state instance. Create a new SessionItem
// and add it to the local Hashtable.
isNew = true;
sessionData = AddNewSessionItem(sessionId,
SessionStateUtility.GetSessionStaticObjects(context));
}
// Add the session data to the current HttpContext.
SessionStateUtility.AddHttpSessionStateToContext(context,
new HttpSessionStateContainer(sessionId,
sessionData.Items,
sessionData.StaticObjects,
Timeout,
isNew,
CookieMode,
SessionStateMode.Custom,
false));
// Execute the Session_OnStart event for a new session.
if (isNew && Start != null)
{
Start(this, EventArgs.Empty);
}
}
private void OnAcquireRequestState(object source, EventArgs args)
{
HttpApplication app = (HttpApplication)source;
HttpContext context = app.Context;
bool isNew = false;
string sessionId;
RedisSessionItemHash sessionItemCollection = null;
bool supportSessionIDReissue = true;
sessionIDManager.InitializeRequest(context, false, out supportSessionIDReissue);
sessionId = sessionIDManager.GetSessionID(context);
if (sessionId == null)
{
bool redirected, cookieAdded;
sessionId = sessionIDManager.CreateSessionID(context);
sessionIDManager.SaveSessionID(context, sessionId, out redirected, out cookieAdded);
isNew = true;
if (redirected)
{
return;
}
}
if (!RequiresSessionState(new HttpContextWrapper(context)))
{
return;
}
releaseCalled = false;
sessionItemCollection = new RedisSessionItemHash(sessionId, redisConfig.SessionTimeout, GetRedisConnection());
if (sessionItemCollection.Count == 0)
{
isNew = true;
}
// Add the session data to the current HttpContext.
SessionStateUtility.AddHttpSessionStateToContext(context,
new TaskWaitRedisHttpSessionStateContainer(sessionId,
sessionItemCollection,
SessionStateUtility.GetSessionStaticObjects(context),
redisConfig.SessionTimeout,
isNew,
redisConfig.CookieMode,
SessionStateMode.Custom,
false));
// Execute the Session_OnStart event for a new session.
if (isNew && Start != null)
{
Start(this, EventArgs.Empty);
}
}
private bool CreateSessionId()
{
// CreateSessionId should be called only if:
Debug.Assert(_rqId == null || // Session id isn't found in the request, OR
(_rqSessionStateNotFound && // The session state isn't found, AND
s_configRegenerateExpiredSessionId && // We are regenerating expired session id, AND
_rqSupportSessionIdReissue && // This request supports session id re-issue, AND
!_rqIdNew), // The above three condition should imply the session id
// isn't just created, but is sent by the request.
"CreateSessionId should be called only if we're generating new id, or re-generating expired one");
bool redirected;
_rqId = _idManager.CreateSessionID(_rqContext.ApplicationInstance.Context);
_idManager.SaveSessionID(_rqContext.ApplicationInstance.Context, _rqId, out redirected, out _rqAddedCookie);
return(redirected);
}
void OnAcquireRequestState(object o, EventArgs args)
{
Trace.WriteLine("SessionStateModule.OnAcquireRequestState (hash " + this.GetHashCode().ToString("x") + ")");
HttpApplication application = (HttpApplication)o;
HttpContext context = application.Context;
if (!(context.Handler is IRequiresSessionState))
{
Trace.WriteLine("Handler (" + context.Handler + ") does not require session state");
return;
}
bool isReadOnly = (context.Handler is IReadOnlySessionState);
bool supportSessionIDReissue;
if (idManager.InitializeRequest(context, false, out supportSessionIDReissue))
{
return; // Redirected, will come back here in a while
}
string sessionId = idManager.GetSessionID(context);
handler.InitializeRequest(context);
storeData = GetStoreData(context, sessionId, isReadOnly);
storeIsNew = false;
if (storeData == null && !storeLocked)
{
storeIsNew = true;
sessionId = idManager.CreateSessionID(context);
Trace.WriteLine("New session ID allocated: " + sessionId);
bool redirected;
bool cookieAdded;
idManager.SaveSessionID(context, sessionId, out redirected, out cookieAdded);
if (redirected)
{
if (supportSessionIDReissue)
{
handler.CreateUninitializedItem(context, sessionId, (int)config.Timeout.TotalMinutes);
}
context.Response.End();
return;
}
else
{
storeData = handler.CreateNewStoreData(context, (int)config.Timeout.TotalMinutes);
}
}
else if (storeData == null && storeLocked)
{
WaitForStoreUnlock(context, sessionId, isReadOnly);
}
else if (storeData != null &&
!storeLocked &&
storeSessionAction == SessionStateActions.InitializeItem &&
IsCookieLess(context, config))
{
storeData = handler.CreateNewStoreData(context, (int)config.Timeout.TotalMinutes);
}
container = CreateContainer(sessionId, storeData, storeIsNew, isReadOnly);
SessionStateUtility.AddHttpSessionStateToContext(app.Context, container);
if (storeIsNew)
{
OnSessionStart();
HttpSessionState hss = app.Session;
if (hss != null)
{
storeData.Timeout = hss.Timeout;
}
}
// Whenever a container is abandoned, we temporarily disable the expire call back.
// So in this case we are quite sure we have a brand new container, so we make sure it works again.
supportsExpiration = handler.SetItemExpireCallback(OnSessionExpired);
}
//</Snippet3>
//<Snippet4>
//
// Event handler for HttpApplication.AcquireRequestState
//
private void OnAcquireRequestState(object source, EventArgs args)
{
HttpApplication app = (HttpApplication)source;
HttpContext context = app.Context;
bool isNew = false;
string sessionID;
SessionItem sessionData = null;
bool supportSessionIDReissue = true;
pSessionIDManager.InitializeRequest(context, false, out supportSessionIDReissue);
sessionID = pSessionIDManager.GetSessionID(context);
if (sessionID != null)
{
try
{
pHashtableLock.AcquireReaderLock(Int32.MaxValue);
sessionData = (SessionItem)pSessionItems[sessionID];
if (sessionData != null)
{
sessionData.Expires = DateTime.Now.AddMinutes(pTimeout);
}
}
finally
{
pHashtableLock.ReleaseReaderLock();
}
}
else
{
bool redirected, cookieAdded;
sessionID = pSessionIDManager.CreateSessionID(context);
pSessionIDManager.SaveSessionID(context, sessionID, out redirected, out cookieAdded);
if (redirected)
{
return;
}
}
if (sessionData == null)
{
// Identify the session as a new session state instance. Create a new SessionItem
// and add it to the local Hashtable.
isNew = true;
sessionData = new SessionItem();
sessionData.Items = new SessionStateItemCollection();
sessionData.StaticObjects = SessionStateUtility.GetSessionStaticObjects(context);
sessionData.Expires = DateTime.Now.AddMinutes(pTimeout);
try
{
pHashtableLock.AcquireWriterLock(Int32.MaxValue);
pSessionItems[sessionID] = sessionData;
}
finally
{
pHashtableLock.ReleaseWriterLock();
}
}
// Add the session data to the current HttpContext.
SessionStateUtility.AddHttpSessionStateToContext(context,
new HttpSessionStateContainer(sessionID,
sessionData.Items,
sessionData.StaticObjects,
pTimeout,
isNew,
pCookieMode,
SessionStateMode.Custom,
false));
// Execute the Session_OnStart event for a new session.
if (isNew && Start != null)
{
Start(this, EventArgs.Empty);
}
}
public string GetUser(ControllerContext context)
{
var httpContext = context.HttpContext;
var request = httpContext.Request;
var response = httpContext.Response;
// Use the same user for the duration of the request.
if (httpContext.Items.Contains(cachedHttpContextKey))
{
return((string)httpContext.Items[cachedHttpContextKey]);
}
var fallbackCookie = request.Cookies[fallbackCookieName];
string user;
if (httpContext.Request.IsAuthenticated)
{
// The user has gone from being an anonymous user to an
// authenticated user.
if (httpContext.Request.AnonymousID != null)
{
user = httpContext.Request.AnonymousID;
}
else if (IsValidCookie(fallbackCookie))
{
// Even though we're authenticated, the anonymous ID is
// used for this request because we want to grab the temp
// data from the previous request (when the user was
// unauthenticated).
user = fallbackCookie.Value;
// Expire the cookie since don't need the cookie anymore.
response.Cookies.Add(new HttpCookie(fallbackCookieName)
{
Expires = DateTime.UtcNow.AddYears(-1)
});
}
else
{
user = GetUserFromContext(httpContext);
}
}
else if (httpContext.Request.AnonymousID != null)
{
user = httpContext.Request.AnonymousID;
}
// Fallback to the current session ID only when it hasn't changed
// since new sessions are generated until the session is actually
// *used*. However, if you're going this route, you should probably
// be using the default SessionStateTempDataProvider in MVC :).
else if (httpContext.Session != null && !httpContext.Session.IsNewSession)
{
user = httpContext.Session.SessionID;
}
else if (!IsValidCookie(fallbackCookie))
{
// The session ID manager is used to generate a secure ID that
// is valid for a cookie (no reason to reinvent the wheel!).
user = sessionIdManager.CreateSessionID(httpContext.ApplicationInstance.Context);
// Issue a new cookie identifying the anonymous user.
response.Cookies.Add(new HttpCookie(fallbackCookieName, user)
{
HttpOnly = true
});
}
else
{
user = fallbackCookie.Value;
}
httpContext.Items[cachedHttpContextKey] = user;
return(user);
}