The issue of generating a new session ID after postbacks
Published Jun 21 2019 11:01 AM 8,640 Views

The session ID should remain the same for the same visitor in the same connection. If the session ID changes between pages, It will likely to break your application especially if you are using session ID to improve your ViewState complexity. An example to this usage:


Page.ViewStateUserKey = Session.SessionID;


How to keep the session ID same

  1. Make sure not to create session cookie repeatedly. If the code that creates session cookie is executed between postbacks, you will end up having a different session ID because the session cookie is recreated.
    Response.Cookies.Add(new HttpCookie("id", ""))
  2. Make sure no to generate session ID repeatedly. An example code of session ID creation:
  3. Assign a dummy value to your session cookie in Global.asax:
    protected void Session_Start(object sender, EventArgs e)
    // It adds an entry to the Session object so the sessionID is kept for the entire session   
    Session["init"] = "session start";
  4. Assign a dummy value to your session cookie in Page_Load method of your homepage:
    protected void Page_Load(object sender, EventArgs e){     Session["init"] = "session start";}


It works in the server but not in localhost?

In your web.config file, change the value of httpOnlyCookies and requireSSL parameters to false. If they are set to true, the local server will force the application to regenerate session between pages. Make sure to switch these values back to true before you migrate your code to the server.


<httpCookies httpOnlyCookies="false" requireSSL="false"/>


Version history
Last update:
‎Jun 21 2019 11:02 AM
Updated by: