ISessionIDManager.GetSessionID(HttpContext) Method


Gets the session identifier from the context of the current HTTP request.

 System::String ^ GetSessionID(System::Web::HttpContext ^ context);
public string GetSessionID (System.Web.HttpContext context);
abstract member GetSessionID : System.Web.HttpContext -> string
Public Function GetSessionID (context As HttpContext) As String



The current HttpContext object that references server objects used to process HTTP requests (for example, the Request and Response properties).



The current session identifier sent with the HTTP request.


The following code example shows a partially implemented GetSessionID method. If your custom session-ID manager supports cookieless session identifiers, you will need to implement a solution for sending and retrieving session identifiers in the URL, such as an ISAPI filter.

public string GetSessionID(HttpContext context)
  string id = null;

  if (pConfig.Cookieless == HttpCookieMode.UseUri)
    // Retrieve the SessionID from the URI.
    id = context.Request.Cookies[pConfig.CookieName].Value;

  // Verify that the retrieved SessionID is valid. If not, return null.

  if (!Validate(id))
    id = null;

  return id;
Public Function GetSessionID(context As HttpContext) As String _
  Implements ISessionIDManager.GetSessionID

  Dim id As String = Nothing

  If pConfig.Cookieless = HttpCookieMode.UseUri Then
    ' Retrieve the SessionID from the URI.
    id = context.Request.Cookies(pConfig.CookieName).Value
  End If    

  ' Verify that the retrieved SessionID is valid. If not, return Nothing.

  If Not Validate(id) Then _
    id = Nothing

  Return id
End Function


The GetSessionID method is called by the SessionStateModule during the HttpApplication.AcquireRequestState and HttpApplication.EndRequest events. If you cannot retrieve a valid session identifier from the HTTP request, return null. If the SessionStateModule receives null from the GetSessionID method, it will call the CreateSessionID method to get a new session identifier for a new session.

If it is possible that the value returned by your CreateSessionID implementation contains characters that are not valid in an HTTP response or request, you should use the UrlEncode method to encode the session-identifier value in your SaveSessionID method implementation and the UrlDecode method to decode the session-identifier value in your GetSessionID method implementation.

Applies to

See also