Session getting reset on redirecting from Login Page
I had made some changes to existing web site by adding a base page and recactoring boilerplate code from all pages to that one. But something strange happened. Aftre the changes, I was not able to login and view any page when debugging from Visual Studio :( Surprisingly though, same stuff worked on production server.
After redirecting from login page:
Session[User.SessionKey]=user; Response.Redirect("~/UserHome.aspx");
I read over something stackoverflow and here. It recommended to use following overload of Response.Redirect:
Session[User.SessionKey]=user; Response.Redirect("~/UserHome.aspx", false);
But still I was getting null values and Sesson_Start was called on every page request. So session was not getting stored anywhere (We use InProc session).
After careful examination of
web.config
I came across following line.
<httpCookies httpOnlyCookies="true" requireSSL="true"/>
So it explained the whole thing. Someone had added requireSSL="true" to check local SSL certificate and checed in the file. So when running from VS over HTTP, no cookies were stored and session was started with every request.
Changing it to following made things work:
<httpCookies httpOnlyCookies="true" requireSSL="false"/>
