The usual shared session state hack doesn't clean up after itself and so can cause problems with IIS. It also isn't initialized in the right place, so can impact other modules.
We solve this by removing SessionStateModule
and adding our own module which acts as a kind of wrapper that
takes care of temporarily setting AppDomainAppId
and loading and initializing SessionStateModule
.
SessionStateModule
sets up its session ID during Init
along with all the hooks it needs. Conviently,
this means we don't have to deal to much with special snowflake nonsense when doing MITM.