System.Web.HttpException Session state has created a session ID …

System.Web.HttpException: Session state has created a session id, but cannot save it because the response was already flushed by the application.

Was struggling with this error for the longest time, implementing role manager then removing it, reading through the login code over and over, scrutinizing our forms authentication and cookies. Finally out of ideas, I decided to google and came across an interesting gem.

The issue was being caused by Session and the page’s life cycle. In a nutshell, when you set Session variables in the Global.asax and then do a Response.Redirect shortly after, you cause problems. Solution: Add a second ‘false’ arguement to your Response.Redirect; ie, make it look like this:

Response.Redirect("default.aspx", false);

If there is a moral of the story it should go something like this: If you cannot figure it out within fifteen minutes, it’s time to Google it.