2. ASPRunnerPro General questions
  3. Session ('OWNERD') problem
This topic is locked

Session ('OWNERD') problem

 		11/10/2008 5:49:11 PM
ASPRunnerPro General questions
G
 gpsit author

Hi - I have an issue with my session("OwnerID") variable. When someone logs into the system it captures a session variable for OwnerID to be used in a number of asp pages both generated by ASPrunner and external pages I have written. the OwnerID session is only written in the login.asp. This working perfectly until that person logs out and then a new user logs in on the same computer/webbrower. The ownerID then switches back forth between the different logins, e.g. userA logs in for a while then logs out UserB logs in, then menu.asp page shows logged in as "userB" the user goes to a list.asp page and it now shows logged in as "userA", after a refresh/reloading the page it shows logged in as "userB".
What am I doing wrong here? Has anyone had a similar issue.
Any help would be fanastic as I need my system to go live soon and really need this to be resolved
Sergey Kornilov admin 11/10/2008

It looks like you are looking at the cached version of the page. Browser believes that page hasn't changed and displays the old copy of the page.
G
 		gpsit author 11/10/2008

I thought this maybe the case - how do I fix this without adding "reload()" to each asp page?
Sergey Kornilov admin 11/10/2008

You can try to modify include/dbcommon.asp file the following way. See my changes in bold:

<%@codepage=1252%>

<%

pStr = "private, no-cache, must-revalidate"

Response.ExpiresAbsolute = #2000-01-01#

Response.AddHeader "pragma", "no-cache"

Response.AddHeader "cache-control", pStr

cCharset = "Windows-1252"
G
 		gpsit author 11/11/2008

Thanks Sergey - problem solved!!
Sergey Kornilov admin 11/11/2008

Thanks for the update!
We'll investigate it further and we'll add this as a default option.
M
 		mccreelake 11/14/2008

Hi, I am having a similar problem and tried the fix but it is still having the problem.
If users are authenticated in one application, they can type a URL in the browser from another ASPRunner authenticated application even if they are not in the authentication data from the other application. Example: User A logs into Application 1. User A can type in a URL from Application 2 and be allowed in the application even if they do not have a login for that application.
Is there another possible fix?
Sergey Kornilov admin 11/15/2008

McCree Lake,
this how IIS works by default - sessions are shared.
Make sure that each application resides in it's own virtual directory. In this case sessions won't be shared.
G
 		gpsit author 11/16/2008

Update: I was still having problems as previously mentioned, but had a bit of a server meltdown over the weekend and had to reinstall IIS after which I realised I didn't have a virtual directory setup for my website.
Now it all works perfectly!!