FIX: ASP.NET SQL Server Session State Impersonation Is Lost Under Load

This article was previously published under Q324479
Retired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.
If your ASP.NET applications use integrated SQL Server session state, you may receive the following error message in the client browser:
Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Data.SqlClient.SqlException: Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.

Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:
[SqlException: Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.]
System.Data.SqlClient.SqlConnection.Open() +761
System.Web.SessionState.SqlStateConnection..ctor(String sqlconnectionstring) +105 [HttpException (0x80004005): Unable to connect to SQL Server session database.]
System.Web.SessionState.SqlStateConnection..ctor(String sqlconnectionstring) +195
System.Web.SessionState.SqlStateClientManager.GetConnection() +73
System.Web.SessionState.SqlStateClientManager.GetExclusive(String id) +32
System.Web.SessionState.SqlStateClientManager.BeginGetExclusive(String id, AsyncCallback cb, Object state) +6
System.Web.SessionState.SessionStateModule.GetSessionStateItem() +70
System.Web.SessionState.SessionStateModule.PollLockedSessionCallback(Object state) +171
[HttpException (0x80004005): Exception of type System.Web.HttpException was thrown.]
System.Web.HttpAsyncResult.End() +54
System.Web.SessionState.SessionStateModule.EndAcquireState(IAsyncResult ar) +18
System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) +80
This problem occurs because impersonation can be lost when session state is being accessed under situations of heavy load in ASP.NET.
A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem. This fix may receive additional testing. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Microsoft .NET Framework service pack that contains this fix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The typical support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
   Date         Time   Version         Size     File Name   -------------------------------------------------------------   13-Jun-2002  04:46  1.0.3705.289    192,512  Aspnet_isapi.dll   13-Jun-2002  04:39  1.0.3705.289     19,332  Aspnet_perf.ini   13-Jun-2002  04:46  1.0.3705.289     24,576  Aspnet_regiis.exe   13-Jun-2002  04:46  1.0.3705.289      2,872  Aspnet_wp.exe   22-Apr-2002  17:54  1.0.3705.289      8,709  SmartNav.js   22-Apr-2002  17:54  1.0.3705.289      7,003  SmartNavIE5.js   13-Jun-2002  22:23  1.0.3705.289  1,187,840  System.Web.dll				

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
high load

Artikelnummer: 324479 – Letzte Überarbeitung: 10/11/2005 21:50:03 – Revision: 2.4

Microsoft ASP.NET 1.0

  • kbhotfixserver kbqfe kberrmsg kbbug kbfix kbnetframe100presp3fix kbqfe kbsecurity kbstate KB324479