Failed session every two

Hi! I think there is a problem (or I have a problem?) with the GenerateNewSessionCookiesOnAuthentication = true parameter in AuthFeature.
I just created a simple ServiceStack ASP.NET Empty Project in VS and here is my AppHost class:

    public class AppHost : AppHostBase
        /// <summary>
        /// Default constructor.
        /// Base constructor requires a name and assembly to locate web service classes. 
        /// </summary>
        public AppHost()
            : base("simpletestauth", typeof(MyServices).Assembly)


        /// <summary>
        /// Application specific configuration
        /// This method should initialize any IoC resources utilized by your web service classes.
        /// </summary>
        /// <param name="container"></param>
        public override void Configure(Container container)
            Plugins.Add(new CorsFeature());

            string connectionString = string.Empty;
            connectionString += "Server=myserver;";
            connectionString += "Database=mydb;";
            connectionString += "Application Name=myappname;";
            connectionString += "User Id=myuser;";
            connectionString += "Password=mypassword";

            container.Register<IDbConnectionFactory>(new OrmLiteConnectionFactory(connectionString, SqlServerDialect.Provider));


            var db = container.Resolve<IDbConnectionFactory>().Open();

        private void ConfigureAuth(Funq.Container container)
                new AuthFeature(() => new AuthUserSession(),
                    new IAuthProvider[] {
                        new CredentialsAuthProvider(),
                    GenerateNewSessionCookiesOnAuthentication = true,
                    MaxLoginAttempts = 5

            container.Register<ICacheClient>(new MemoryCacheClient());

            container.Register<IUserAuthRepository>(new OrmLiteAuthRepository(Resolve<IDbConnectionFactory>()));

            var authRepo = (OrmLiteAuthRepository)container.Resolve<IUserAuthRepository>();

                var serviceUser = authRepo.CreateUserAuth(new UserAuth
                    UserName = "service",
                    DisplayName = "service displayname",
                    Email = "",
                    Roles = new List<string>(new string[] { "Service" })
                }, "service");
            catch (Exception) { }


I have only defined my Sql Server connection and registered the standard AuthFeature with the creation of my “service” user on startup.
I then modified the HelloService just to get the current user session:

    public class MyServices : Service
        public object Any(Hello request)
            IAuthSession session = this.GetSession();
            return new HelloResponse { Result = "Username: " + session.DisplayName + " - Session: " + session.Id };

Here the problems begins… If I POST my credentials to login, the user get logged and I can access the HelloService with all my session data…
If I re-send my credentials I get new cookies (as I wish with GenerateNewSessionCookiesOnAuthentication = true) but I get a 401 Unauthorized error; if now I re-send my credentials for the third time I can access again my HelloService and so on…
It seems so it get one valid session every two credentials requests.
Am I wrong or I miss something?

Are you using the latest v4.0.53 pre-release packages on MyGet, if not can you try it and let me know if it resolves the issue?

Thank you Demis! On 4.0.53 it seems to work!
Do you know (more or less) when it will be released on NuGet?

There’s no planned date for releases, I’d estimate in the range of 2-3 weeks.

1 Like