[Mono-dev] Critical Session Problem with SQLServer Session state mode
Robert Jordan
robertj at gmx.net
Thu Jan 25 13:28:24 EST 2007
Hi Hubert,
Hubert FONGARNAND wrote:
> with a clear test case attached
>
> see : http://bugzilla.ximian.com/show_bug.cgi?id=80617
>
>
> Thanks!
>
> I think it's a big security and fonctionnality problem...
This is not a security problem per se. You're using
the same database for the sessions state:
Site 1:
<system.web>
<sessionState mode="SqlServer"
sqlConnectionString="server=10.69.100.92;user
id=postgres;password=postgres;database=aspstate" timeout="20"/>
</system.web>
Site 2:
<system.web>
<sessionState mode="SqlServer"
sqlConnectionString="server=10.69.100.92;user
id=postgres;password=postgres;database=aspstate" timeout="20"/>
</system.web>
Just use different DBs for the sites and everything is fine.
Robert
More information about the Mono-devel-list
mailing list