Server session management on different application

Question

0.00/5 (No votes)

See more:

, +

My application structure:
UI (HTML & angular JS) - Separate Host project. Lets consider the hosted URL is (http://localhost:1437/UI)
API (WEB API & C#) - Separate Host project. Lets consider the hosted URL is (http://localhost:1450/API)
Note: NO MVC

My all API calls from UI like normal http angular call with the reference of API url.

Now, I wanted to hold some session data(not large values, literally one integer Id) as per requirement. I can hold the session data only on API project, but not on UI project since no server side code on here.

I am able to achieve the session management in WEB API. but each and every time API call, new session creating when I call API from UI project. but calling API directly from browser URL, session data holds good.

I could understand, the problem because of the both applications are independent.

So, anyone can suggest how can I achieve the above problem.

thanks in advance! :-)

What I have tried:

I am able to achieve if both application hosted as it one!
But my application architecture is it must be 2 different hosts

Posted 31-Jan-19 23:31pm

Prakash Thirumoorthy

Updated 1-Feb-19 0:16am

Add a Solution

Comments

F-ES Sitecore 1-Feb-19 5:48am

Have you tried google for "asp.net sharing session"? There isn't any out of the box solutions, you'll probably need to implement some kind of shared session provider yourself.

Prakash Thirumoorthy 1-Feb-19 6:03am

but sharing session is depends on SQL. My application works both MySQL and SQL. So cannot depend on it. :-(

F-ES Sitecore 1-Feb-19 6:10am

You can use in-memory session management too.

Prakash Thirumoorthy 1-Feb-19 8:26am

I will try this and let yu know

MadMyche 1-Feb-19 5:54am

Does your UI project accept Cookies from the API?

Prakash Thirumoorthy 1-Feb-19 6:02am

No. cookie disabled

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

MadMyche · Answer 1 · 2019-02-01T00:17:00

Looks like the problem is that the UI portion of this is not accepting the Session Cookie from the WebAPI.
When the API does not receive the Session Cookie from a client, the API will start a new session when it receives a request.

What you will need to do then is to enable cookies in the UI portion of your project.
MS Docs does have guidance on this: HTTP Cookies in ASP.NET Web API | Microsoft Docs[^]
There are also some third party GIT packages such as CookieAwareWebClient that may make this easier

Addendum 1
Cookieless sessions were once the answer but are no longer supported. They also made really ugly URLs as they tacked on a query string to ID the session
ASP.NET MVC and using cookieless sessions - Stack Overflow[^]

Addendum 2
Upon re-reading your original post, I see you only are going to be dealing with "literally one integer ID", what you could do is send that data out as a response header (encrypted if needed) and have the calling UI receive it and send it back in the request headers.
This is how some APIs work keeping track of tokens for identification and authorization types of things