Sharing Session variable through espace

My objective is very simple; I would like to be able to share "Session Variable" through espaces.

Some discussions exist on the subject and basically, I understood the "best" would be to save all that information in an Entity having Attributes for all the information I need to share.  

In order to go that way, I would need to identify each instance in the Entity with enough information enabling every module to find the information it is looking for.  

To do so, the information needed to look into the Entity needs to be available from each espace.  The first one we may think of, is the UserName which I assume is the same one from an espace to another.  

However, in order to be safer, I am looking to find another Information such as Logging Time or any specific ID that is available from any modules that is called after. 

Such a safer approach is to avoid the possibility of having a situation of for instance, two sessions opened simultaneously.   

By the way, any approach not requiring the use of an Entity is welcomed.  



Hi Pierre,

You can create an action that outputs the value of the session variable. You can call that action on other modules.



Create Get methods which are public on each espace that needs to share the Session variables. 

Hi, I think I'm having a similar challenge here.. of course we need to expose actions to share the Session variables but my issue is that I'm loosing the session while the user still logged..

My scenario is as above.. Common module share the session variable ClientId with Module1 and Module2.. Login page is also in Common module.. 

Anyway, after maybe 20 minutes of user non-interaction Portal_Common looses ClientId value.. but user still logged in Portal_Module1 and Portal_Module2.. 

I'm guessing a cookie is doing this job.. and if it's a cookie that is extending the user authentication session why does it not extend the Session in Portal_Common?

What's the best approach in this case?

Tiago Lopes

Best approach is really to not use session variables like this. They should only be used for minor things, like remembering what page you were on in a list of results, or the sort order of a table. As soon as a disappearing or changing session variable has a significantly bad impact on your logic, that is a warning sign to not use them for that purpose.


Justin, let me disegree with you..

In this scenario when a user logs, he/she selects the client for using during the session.. and if the the same user logs in a different browser it will create a different session that may have a different clientId selected.. so this is a case of session context..

Regardless the meaning of the session variable that we want to share there is something wrong with this cookie logic.. and I'd like to really keep this clientid available during the user session..

Is there anything that we can do to make the session in the Common module lasts the same period of time that it lasts in what concerns to userid..

Thanks.. Tiago

Again... don't trust Session for important information. You can disagree with me all you want, but your experience here is proving my point.

If you need to store information in this fashion, generate a record to store the data, use a GUID (via GenerateGUID() in System) as a public ID, and set that GUID in the user's browser via the SetCookie call in HTTPRequestHandler, read that cookie with GetCookie when you need it, and read the value, looking up by the GUID. You will probably want to index that GUID, add a "last accessed" timestamp, and have a timer to delete values when they have not been accessed in a while.

Again... don't use Session for this. Not what it is designed for.


Hi Justin.. sorry I took so long to reply.. I've been working in other stuff..

Anyway, thanks for your suggestion.. it seems like the right thing to do..

But I'm still wondering why we loose the session while we still logged..
Looking at the cookies..

..we can notice that both ASP.NET_SessionId and Users.sid don't expire..
So, it looks to me like a weird behaviour of the platform..
..maybe the reason is to do some cleaning also..

I still have two question:

1. Where can we set the expiring time for the login session?
   I believe we can set this value at least per environment.

2. Can we access ASP.NET_SessionId cookie to get e expiresOn DateTime?
   Maybe using the GetCookie from HTTPRequestHandler.


Session length is set/managed by IIS I believe. It's not really about the length of the cookie, it's about what happens under the hood in the session database, where it has a timestamp for last-accessed and clears old sessions out of the DB.