Session Tracker Native Module for IIS 7.0


The Session Tracker is a native  C++ module for IIS 7.0 that can be used to obtain information about user-activity on a site using cookies.


You can download and install the Session Tracker module along with the source code from here. A tiny disclaimer here, this is not an official Microsoft extension (hence not supported by Microsoft), but a personal contribution to the download centre. You can direct all queries and improvements to the module directly to me, and i will try my best to address them.


The Session Tracker module comprises of a sessionTracking.xml and a SessionTracking.dll and has the following key features

  • The module when enabled, will attach a Set-Cookie header in the server response which will enable subsequent requests from the client to be tracked using Cookies. The module can also send a Cache-Control header in the response.
  • The schema lets you disable/enable the SessionTracking module.
  • The schema helps you dictate the name of the cookie and the cookie style information (whether you want to send Set-Cookie or a Set-Cookie2 header in the response). You can also set certain other attributes of the cookie like Max-Age, Path, Version, Secure, etc. as described in RFCs 2109 and 2965.
  • The schema also enables you to send Cache-Control headers in the response.  This is outlined in RFC 2616.


You should be able to install the Session Tracker module on an IIS 7.0 machine, by following these simple steps.    

  1. Install the SessionTracker.EXE installer onto a folder on your IIS 7.0 machine. The installer would copy the source code, Visual Studio project files, binaries (x86 and x64) and schema required for the working of the sessionTracker module.
  2. Run the installScript.js from this folder on an administrator command prompt. The script would copy SessionTracking.dll to %windir%\system32\inetsrv and to the %syswow64%\system32\inetsrv on an x64 machine. The script also copies the sessionTracking.xml schema file to %windir%\system32\inetsrv\config\schema.
  3. Install the SessionTrackingModule by using the following appcmd command

                    appcmd.exe install module /name:SessionTrackingModule /image:%windir%\system32\inetsrv\SessionTracking.dll

  4. Make the following changes to \inetsrv\config\applicationHost.config file on your server.

    Declare the sessionTracking section in the <system.webServer> sectionGroup for it to be recognized by appcmd.exe

                    <sectionGroup name="system.webServer">
                           <section name="sessionTracking" allowDefinition="AppHostOnly" overrideModeDefault="Allow" />
  5. Now, you can enable the sessionTracking section at the server level using the following appcmd command

                          appcmd.exe set config /section:sessionTracking /enabled:true

    6.   You can list the sessionTracking section, containing default values with the following appcmd command.

                          appcmd.exe list config /section:sessionTracking /config:*                                       


The Session Tracker module kicks in during the RQ_BEGIN_REQUEST state of the request pipeline.

If the module sees a Cookie header in the request already, it will be interpreted as a session already initiated by the server. In that case, the module will return control to the request pipeline by returning RQ_NOTIFICATION_CONTINUE. That way, default site functionality will not be interrupted.

If the module does not see a Cookie header in the request, then this will be treated as a new request. The module, then reads the config data, and builds a Set-Cookie header using the information defined by the user in the config. It will then obtain the response from the server and  adds the Set-Cookie header to the response.

The module also takes care of adding a Cache-Control header to the response. After adding this header, the module prevents any further processing of the request by returning an RQ_NOTIFICATION_FINISH_REQUEST.


To see the working of the session tracker module, you can follow the steps below

  • Enable Failed Request Tracing on your website for status codes 200-500.
  • Delete all previous cookies from IE and then browse once to the site.
  • Open the trace log file (default location %systemdriv%\inetpub\logs\FailedReqLogFiles). Your request and response headers will look like this.



          The Set-Cookie header in the response is generated and added to the response by the Session Tracker module.

  • Refresh the site from the second step again with IE.
  • You will find another trace log file generated at the same location.  Your request header for the second request will now look like this


                     Thereafter all subsequent requests in the same session would have this Cookie header set.


You can use the Session Tracker module along with LogParser 2.2 to parse the IIS 7.0 logs and generate a log of user-activity on the website.

  1. As a first step, enable logging on your website and select the cs(Cookie) w3c logging field. For more information, you can refer this link.
  2. Now, you can execute the following LogParser query on the log file generated for the site (default location is %systemdrive%\inetpub\logs\LogFiles).to obtain a log of user-activity for a particular session. The highlighted item is the name=value field from the cookie generated.

     LogParser "SELECT cs-uri-stem from u_ex090109.log where cs(Cookie)='IIS7SessionTracking=18302628887781179643'"



               To obtain a list of all the Cookies given out by the server, you can execute the following LogParser command.

                LogParser "SELECT cs(Cookie),count(*) from  u_ex090109.log GROUP BY cs(Cookie)"




              I would like to thank Kanwal for his invaluable feedback and initial research and Cip for the initial implementation of the Session Tracker module.


1 Comment

Comments have been disabled for this content.