|Property Codepage As Long
||The replacement cannot hook into
vbscript to conform to a codepage. Use the @codepage directive instead.
|Property Contents As
||Returns a reference to a dictionary
containing all variables.
|Property LCID As Long
||Not supported anymore
||This feature is dropped in version 5.4
|Property SessionID() As String
||Note that SessionID by default returns a 32 character hexadecimal string. If you set Application("HASH_SESSION_ID") = true, this function returs a unique numeric string (just as Microsoft's does).
|Property Staticobjects As
||There is no way to ask ASP whether it
created objects using the <OBJECT> tag.
|Property Timeout As Long
||Yes & better
||The MS Session maximum Timeout: 24
ISP Session maximum Timeout: 67 years.
|Property Value (default)
||Indexer (default property).
|Nearly all subtypes like ADO and MsXml.DomDocument
||All types including nested arrays are
supported, with the exception of Objects and UDTs. An object must be
persistable. This applies to ADO and VB instances (with the persistable option
||This is configured by setting
(optional) ASP application variables 'AD_PATH', 'AD_DOMAIN' and
CookieExpires must not be set within global.asa but within the users Session
||You are strongly discouraged to use Session.Transfer or Session.Execute
because of unnecessary resource usage. Better use a master-template without Session.
Try to avoid Transfer and Execute in high load demanding situations
|Function SessionID2(Optional AsString =True)
||SessionID has an optional parameter to
decide whether you want a binary or legible presentation.
Response.Write "The current session ID is: " + Session.SessionID2
vBinKey = Session.SessionID2(False) ' get a binary representation in a byte
array with 16 elements
Use this method in Session_OnStart (our replacement) to ensure a cookie in the URL when a browser hits an asp page on your website (eg http://www.yoursite.com/somepage.asp becomes http://www.yoursite.com/somepage.asp?GUID=[sessionid], when you use ISP Session to support cookieless sessions.
Use this method together with Session.URL() to format each href to an ASP page on your site.
Synchronizes our ISP Session to the Asp(.Net) built in Session using Microsoft's built in interop.
During the pass of IIS Intrinsics to the COM+ component, something seems broken in the IIS environmment which we cannot workaround.
You can copy the session variables yourselves from ISP Session to a native session.
eg for VBScript this would be:
For X = 1 To ISPSession.Contents.Count
key = ISPSession.Contents.Key(x)
Session.Contents(key) = ISPSession.Contents(Key)
Function URL(Byval sHREF As Variant)
Note that you need to share the same DBMS to utilize this
Sample: VBScript syntax
Response.Write "<a href="""
Response.Write """>Jump over to xyz</a>"
Synchronizes the Asp.Net built in Session using interop to our ISP Session. Basically,
it goes through all Keys and copies them one by one.
Sample (C# syntax):
Session["ourkey"] = "Hello World";
|Sub Session_OnExpired (event
called in your include ISPSession.asp)
||IIS 4 or 5 have no standard way to
test whether a session is expired.
|Property LiquidCookie As
||Protects the session against Session Hijacking & Replay attacks.
|Property IsExpired As Boolean
||Property: boolean. Returns true if the
tried to continue a non-existing or expired session
|Property IsNew As Boolean
||Property: boolean. Returns true if the
user just caused a session to be started
|Property ReEntrance As Boolean
||Property: boolean. A user can re-enter
the session (using email for instance) after the user closes the web browser.
This property is by default false and should be set to true if you want a user
to resume or continue a session from a bookmark
|Web server fault tolerant
||Even after recycling a web server, the
session is not lost.
As String) As Object
||To serialise persistable VB6 objects on the Session.
Non- persistable objects cannot be placed in the session!
If Session.Contents.Exists("myObj") Then
' deserialize the VB6 object
Set Obj = Session("myObj")
Set Obj = Session.CreateInstance("Proj1.Foo")
Set Session("myObj") = Obj
varPassword) As Boolean
||Logs a user on using Active
Directory (Windows 2000 or higher). The ASP switches to the user's security context so your ASP page or
COM+ request will run with that user's credentials. Ideal replacement for the
'Clear Text' Login on IIS in combination with SSL!
|Property IsAuthenticated() As Boolean
||Returns true if the Session was authenticated using Session.LogonUser
|Property AuthenticatedUser(NWC_TRUSTEE_FORMAT format) As String
||Returns the user named in specified format for the current executing ASP page.
Valid formats: 1 = NT4, 8 = UPN, 1 = FQDN, 6 =GUID.
|Property Readonly() As Boolean
||Optimizes the current ASP page session object for read only state. You would use this function to minimize database locks to an absolute minimum.
Enabling this option will not disable synchronization. To disable session synchronization, enable client cursors using SETUP.exe.
If this option is enabled, the page will not update the latest visit time stamp. Session expiration is dependend on this latest visit-time.
|Function LogOff() As Boolean
||Logs off the current user.
|Property Statistics(Optional appKey) As NWCDictionary
||Retrieves the Statistics Dictionary which retrieves important session/application related data such as Current Sessions
Set Stats = Session.Statistics
Compatibility with Asp.Net
Add the following page directive to your .Aspx page:
Note that ISP Session has no thread affinity so it causes the least possible context switches and does not need to utilize message pumps as VB6 components do. The aspcompat=true directive is needed only to have the DotNet runtime pass through the built in Asp.Net objects such as Application, Response, etc...
Download the C# aspx script that uses our replacement
||This system can use a 'cookie' stored
in the URL. The Session objects works exactly the same as cookies. The only
drawback is that you'll have to wrap each ASP hyperlink with the
Page execution is synchronized (one session may not execute more than one page
at the same time) per session per web farm using pessimistic locking (row based).
|Number of variables per session:
Tested on a single PIII 600 (on current quad core systems, the limit is the sky, but the test gives you an idea).
|Theoretical limit: 32,767 variables.
Practical limit in combination with script/automation: 2,000 variables.
Practical limit in combination with COM (vtable): 10,000 variables.
|Maximum data size per session:
||Limited only by your DBMS write speed in combination with your network throughput.
|Minimal OS requirements and Components:
||Windows XP Professional, Vista or Windows 2003 and 2008 R2. 64 bit or 32 bit editions.
Note: Windows 7 is only supported as a development server for ISP Session.
It has a COM+ problem which limits scalability.
||zlib, using deflate, up to 80%
||A custom database built upon the .NET 2.0 framework. It uses a binary protocol and runs as a windows service.
||Limited only by the number of web servers in combination with the speed of your storage on the Windows server, running the custom database server.
|Session key transport methods:
a) Temporary cookies. These are not stored on the HD. They are safe since they
can be set to 'secure' using SSL.
b) URL based session keys, but these entail the disadvantage that each URL
built in your ASP must be wrapped using script with
For instance, The result URL would be:
Use SSL to keep session keys safe from possible network traffic sniffers.
|Property Item(Byval varKey as Variant)
default property or indexer
|Sets/lets/gets items within the instance of the dictionary
|Readonly Property Exists (Byval varKey As Variant)
||Returns true if the key tested for, exists
|Readonly Property Count() As Long
||Returns the number of key/value entries with this dictionary
|Readonly Property Key (Byval keyIndex As Variant) As Variant
||Returns a key value by literal.
|Sub Remove(Byval varKey as Variant)(vKey)
||Removes specified key from the key/value dictionary
||Removes all key/value entries from this dictionary
|Readonly Property VarType(Byval varKey as Variant) As Integer
||Returns the variant data type for the value, accessed by specified key.
Very handy for optimization. For instance, instead of using...
If VarType(Session("myObject"))= vbObject Then...
If Session.Contents.VarType("myObject") = vbObject Then...
|Readonly Property CaseSensitive() As Boolean
||If true, causes session key variables to be case sensitive.
Session.Contents.CaseSensitive = True
Session("blah") = "Hi"
Response.Write Session("Blah") ' returns empty