Multi Tab Session Management
The last two major projects I have worked on in the last two years, have been major business application written in asp.net. Since the upgrade to the shinny new IE7, user have been able to open sites in multiple tabs, and since about 2 weeks into mass adoption on IE7 and the understanding of how tabs work, everyone has instantaneously become dependant on running in multiple tab . Here lieth the problem.
The applications are all written using the same framework, which relies heavily on session state to store page state information. Without session state, the application craps itself, literally. The design of IE7 tab (and before you go complaining about crappy MS, firefox is designed the same way) any additional tabs opened in the same window share the same session. This equates to vital session information such are the current record id to be overwritten by the new tabs selection. Major boo boo for application state. to make things worse, the framework requires the same session information to be available to unbind the data into the same container. if the container changes, even if it is the same type, the application will crash, no questions asked.
There is a good reason for the tabs to share session state. Imagine you are on your favorite web application, lets say for arguments sake you like facebook.. ahum... now imagine, with all your multi tasking skills, you like looking at your too favorites friends profiles simultaneously in two different tabs. you like to open different photo galleries, inbox, comments, profiles... a true multi tasking mecca. if they stamped you with a Intel logo, they would call you Icosa-Core. Now imagine each time you opened a new tab, you had to login in again?? suddenly the all powerful Icosa-Core come tumbling down. if you think about it, it does kind of make sence.
The question then becomes, How can such a business critical application not be able to handle multiple tabs? Well here comes Multitab.SessionManager http module.
Multitab.SessionManager is a http module which can easily be added to any ASP.net application, to allow multiple tabs to live in different context within the same session state. The HttpModule uses session state as a facade. This means the use of the conventional session state object remains unchanged, but the complexity of managing multiple states is hidden within this Http module., which can be plugged into any asp.net web application.
The module does this be maintaining different object collections internally which is then stored back in the session state object. This does mean there is some overhead when this module is added to your application, but this is only natural as we need to maintain more then 1 set of session values per request.
How it works
When the page loads a unique guid is created which will be used as the context pointer for the cache. A unique guid is created each time a GET request is detected, this guid is used to store the session values against, so when a post back is detected the values can be loaded from the cache. Then the custom asp.net code is run, which uses and updates the session values. Then just before the session state object is destroyed all the session values are stored in the cache using the unique guid value.
This does mean that your session cache can grow rapidly, but in this latest version, the cache is expired if the values have not been updated in a set period.
So to summarise, the session State manager holds your current state plus it saves and retrieves information from a cache based on a session guid. which is created per each Get request.
I'm currently in the process of testing this code and verifying that it does actually work (it does work for simple apps) in a real world scenario.
Try it and see. all you need to do is run the web app. I have created a sample page which can show you what is stored in session and the cache. test it opening different tabs
Source code
Alternate consideration.
As you may or may not know, session state is actually managed ultimately by a cookie ASP.SessionId key which is the key to your session data store on the server. My Initial though was to change this key via Javascript and have the session state automatically retrieve its store from the corresponding key updated. But the problem with this, is that you can stop the user copying a URL and just pasting it into a browser. This Little problem, means there is nothing else to do but manage all session state in the 1 store and use logical events and values retrieved from the response and request to determine how the session is managed.
Have a go, and let me know if you know a better way.
The applications are all written using the same framework, which relies heavily on session state to store page state information. Without session state, the application craps itself, literally. The design of IE7 tab (and before you go complaining about crappy MS, firefox is designed the same way) any additional tabs opened in the same window share the same session. This equates to vital session information such are the current record id to be overwritten by the new tabs selection. Major boo boo for application state. to make things worse, the framework requires the same session information to be available to unbind the data into the same container. if the container changes, even if it is the same type, the application will crash, no questions asked.
There is a good reason for the tabs to share session state. Imagine you are on your favorite web application, lets say for arguments sake you like facebook.. ahum... now imagine, with all your multi tasking skills, you like looking at your too favorites friends profiles simultaneously in two different tabs. you like to open different photo galleries, inbox, comments, profiles... a true multi tasking mecca. if they stamped you with a Intel logo, they would call you Icosa-Core. Now imagine each time you opened a new tab, you had to login in again?? suddenly the all powerful Icosa-Core come tumbling down. if you think about it, it does kind of make sence.
The question then becomes, How can such a business critical application not be able to handle multiple tabs? Well here comes Multitab.SessionManager http module.
Multitab.SessionManager is a http module which can easily be added to any ASP.net application, to allow multiple tabs to live in different context within the same session state. The HttpModule uses session state as a facade. This means the use of the conventional session state object remains unchanged, but the complexity of managing multiple states is hidden within this Http module., which can be plugged into any asp.net web application.
The module does this be maintaining different object collections internally which is then stored back in the session state object. This does mean there is some overhead when this module is added to your application, but this is only natural as we need to maintain more then 1 set of session values per request.
How it works
When the page loads a unique guid is created which will be used as the context pointer for the cache. A unique guid is created each time a GET request is detected, this guid is used to store the session values against, so when a post back is detected the values can be loaded from the cache. Then the custom asp.net code is run, which uses and updates the session values. Then just before the session state object is destroyed all the session values are stored in the cache using the unique guid value.
This does mean that your session cache can grow rapidly, but in this latest version, the cache is expired if the values have not been updated in a set period.
So to summarise, the session State manager holds your current state plus it saves and retrieves information from a cache based on a session guid. which is created per each Get request.
I'm currently in the process of testing this code and verifying that it does actually work (it does work for simple apps) in a real world scenario.
Try it and see. all you need to do is run the web app. I have created a sample page which can show you what is stored in session and the cache. test it opening different tabs
Source code
Alternate consideration.
As you may or may not know, session state is actually managed ultimately by a cookie ASP.SessionId key which is the key to your session data store on the server. My Initial though was to change this key via Javascript and have the session state automatically retrieve its store from the corresponding key updated. But the problem with this, is that you can stop the user copying a URL and just pasting it into a browser. This Little problem, means there is nothing else to do but manage all session state in the 1 store and use logical events and values retrieved from the response and request to determine how the session is managed.
Have a go, and let me know if you know a better way.
Comments
Post a Comment