REPLACE SESSION IN CURRENT CONTEXT!

I

Igor

Is it possible to point current context's session to another active
session based on a SessionID?
 
A

Alvin Bruney

No, that would constitute a security violation. What are you trying to
accomplish? There may be a work around.
 
I

Igor

Certain versions of EI open new browser windows (popups) in a brand
new process (depending on amount of memory on a machine).

When a new IE window opens in a new process it does not have access to
session cookies (SessionID) and request coming from a pop creates a
new session. I thought that I could use cookies to detect that and
point it back to the right (existing) session. Therefore enabling me
to use the session variable. Otherwise I will probably do away with
using session alltogether and use cookies instead. I am using HTTP
Module to handle my authenication and authorization.

The reason why session cookie gets "lost" in a new windows is because,
it is not persisted cookie and does not expiration date set. If I
could force session cookie to have an expiration (thereby saving it
onto hard drive and making it available for new browser instances0
this would solve my problems too.

I am not interested in client setting changes for solving this
problem.

Thank you very much.

Igor.
 
A

Alvin Bruney

Certain versions of EI open new browser windows (popups) in a brand
new process (depending on amount of memory on a machine).
which versions?

I'm using code like this and it works fine.
In A.aspx i'd like to popup a page B.aspx so i do this in A.aspx
[snip]

//write code here to persist your variables and stuff from A.aspx that you
will need in B.aspx
Page.Controls.Add(new LiteralControl("<script>window.open('B.aspx',
'"+System.Text.RegularExpressions.Regex.Replace(DateTime.Now.ToString(),"\\D
","")+"', 'toolbar=no,scrollbars=yes,width=
950,height=550,resizable=yes')</script>"));

This will work on up level browsers.

For clarification:

Page.Controls.Add is a handle to the stream. It's a matter of preference.
You could replace it with
Response.Write("<script>....

The regular expression forces the pop up to be in its own window and not use
existing windows. In B.aspx, I have access to session variables because it
comes from the same application. I think this or a permutation of it would
help you solve your problem.
 
I

Igor

I do not think you understand a problem.
There is a known intermittent problem in IE.

Starting with version 5.01 IE had a feature that was designed to
enable people to use PC resources more efficiently when running IE.
IE5.01 would spawn a new thread (if there is only one running) to run
a new window (generated by java pop-up or whatever). Because of that,
the new window opens up in a new process(and there are machine
specific conditions that must be satisfied in order for that to
happen)
because it is a new process/thread it does not have access to Session
Cookies (the ones that die when you close your browser). ASP, my
friend uses Session Cookies to keep track of session (unless you are
using cookieless sessions and I dont want to see that garbage in my
url). New window can mean a lost session cookie and popup sever code
having a different session variable than the page that opened it.

I would like to hear a comment on this sobjecy from someone @
microsoft!!

Cmon Microsoft show us the way out of that one.

I have not found a better option than not to rely on session in
pop-ups.


Certain versions of EI open new browser windows (popups) in a brand
new process (depending on amount of memory on a machine).
which versions?

I'm using code like this and it works fine.
In A.aspx i'd like to popup a page B.aspx so i do this in A.aspx
[snip]

//write code here to persist your variables and stuff from A.aspx that you
will need in B.aspx
Page.Controls.Add(new LiteralControl("<script>window.open('B.aspx',
'"+System.Text.RegularExpressions.Regex.Replace(DateTime.Now.ToString(),"\\D
","")+"', 'toolbar=no,scrollbars=yes,width=
950,height=550,resizable=yes')</script>"));

This will work on up level browsers.

For clarification:

Page.Controls.Add is a handle to the stream. It's a matter of preference.
You could replace it with
Response.Write("<script>....

The regular expression forces the pop up to be in its own window and not use
existing windows. In B.aspx, I have access to session variables because it
comes from the same application. I think this or a permutation of it would
help you solve your problem.

--
Regards,
Alvin Bruney
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Igor said:
Certain versions of EI open new browser windows (popups) in a brand
new process (depending on amount of memory on a machine).

When a new IE window opens in a new process it does not have access to
session cookies (SessionID) and request coming from a pop creates a
new session. I thought that I could use cookies to detect that and
point it back to the right (existing) session. Therefore enabling me
to use the session variable. Otherwise I will probably do away with
using session alltogether and use cookies instead. I am using HTTP
Module to handle my authenication and authorization.

The reason why session cookie gets "lost" in a new windows is because,
it is not persisted cookie and does not expiration date set. If I
could force session cookie to have an expiration (thereby saving it
onto hard drive and making it available for new browser instances0
this would solve my problems too.

I am not interested in client setting changes for solving this
problem.

Thank you very much.

Igor.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top