ASP Session in SSL

Discussion in 'ASP .Net Security' started by Adil Akram, Sep 13, 2004.

  1. Adil Akram

    Adil Akram Guest

    I've developed a shopping cart application in ASP.net, C#. To maintain the
    shopping cart session, I've used the session ID, but while it shifts to SSL
    pages the session ID changed which is its default behaviour to maintain
    security and prevent session stealing.

    I've no idea to maintain session in shopping cart with SSL in check out form
    because if I do it with cookies the same security problem exist there,
    anyone can steal cookie in non SSL pages and can use it at any time in
    user's session.

    Expert advices are really appreciated.

    I'm thankful in advance.

    regards,
    Adil
     
    Adil Akram, Sep 13, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jeff Smythe
    Replies:
    3
    Views:
    1,252
    Jeff Smythe
    Jan 2, 2004
  2. 620
    Replies:
    2
    Views:
    1,006
    Murat Tunaboylu
    Jan 6, 2004
  3. CW
    Replies:
    2
    Views:
    522
  4. John Smith
    Replies:
    0
    Views:
    386
    John Smith
    Oct 5, 2006
  5. Nathan Crosby

    ASP.net SSL w/ an SSL Accelerator

    Nathan Crosby, Jul 25, 2006, in forum: ASP .Net Security
    Replies:
    2
    Views:
    196
    Nathan Crosby
    Aug 18, 2006
Loading...

Share This Page