REPLACE SESSION IN CURRENT CONTEXT!

Discussion in 'ASP .Net' started by Igor, Jan 11, 2004.

  1. Igor

    Igor Guest

    Is it possible to point current context's session to another active
    session based on a SessionID?
     
    Igor, Jan 11, 2004
    #1
    1. Advertising

  2. Igor

    Alvin Bruney Guest

    No, that would constitute a security violation. What are you trying to
    accomplish? There may be a work around.

    --
    Regards,
    Alvin Bruney
    Got tidbits? Get it here...
    http://tinyurl.com/3he3b
    "Igor" <> wrote in message
    news:...
    > Is it possible to point current context's session to another active
    > session based on a SessionID?
     
    Alvin Bruney, Jan 11, 2004
    #2
    1. Advertising

  3. Igor

    Igor Guest

    Certain versions of EI open new browser windows (popups) in a brand
    new process (depending on amount of memory on a machine).

    When a new IE window opens in a new process it does not have access to
    session cookies (SessionID) and request coming from a pop creates a
    new session. I thought that I could use cookies to detect that and
    point it back to the right (existing) session. Therefore enabling me
    to use the session variable. Otherwise I will probably do away with
    using session alltogether and use cookies instead. I am using HTTP
    Module to handle my authenication and authorization.

    The reason why session cookie gets "lost" in a new windows is because,
    it is not persisted cookie and does not expiration date set. If I
    could force session cookie to have an expiration (thereby saving it
    onto hard drive and making it available for new browser instances0
    this would solve my problems too.

    I am not interested in client setting changes for solving this
    problem.

    Thank you very much.

    Igor.
    On Sun, 11 Jan 2004 12:19:47 -0600, "Alvin Bruney" <vapor at steaming
    post office> wrote:

    >No, that would constitute a security violation. What are you trying to
    >accomplish? There may be a work around.
    >
    >--
    >Regards,
    >Alvin Bruney
    >Got tidbits? Get it here...
    >http://tinyurl.com/3he3b
    >"Igor" <> wrote in message
    >news:...
    >> Is it possible to point current context's session to another active
    >> session based on a SessionID?

    >
    >
     
    Igor, Jan 11, 2004
    #3
  4. Igor

    Alvin Bruney Guest

    > Certain versions of EI open new browser windows (popups) in a brand
    > new process (depending on amount of memory on a machine).

    which versions?

    I'm using code like this and it works fine.
    In A.aspx i'd like to popup a page B.aspx so i do this in A.aspx
    [snip]

    //write code here to persist your variables and stuff from A.aspx that you
    will need in B.aspx
    Page.Controls.Add(new LiteralControl("<script>window.open('B.aspx',
    '"+System.Text.RegularExpressions.Regex.Replace(DateTime.Now.ToString(),"\\D
    ","")+"', 'toolbar=no,scrollbars=yes,width=
    950,height=550,resizable=yes')</script>"));

    This will work on up level browsers.

    For clarification:

    Page.Controls.Add is a handle to the stream. It's a matter of preference.
    You could replace it with
    Response.Write("<script>....

    The regular expression forces the pop up to be in its own window and not use
    existing windows. In B.aspx, I have access to session variables because it
    comes from the same application. I think this or a permutation of it would
    help you solve your problem.

    --
    Regards,
    Alvin Bruney
    Got tidbits? Get it here...
    http://tinyurl.com/3he3b
    "Igor" <> wrote in message
    news:...
    > Certain versions of EI open new browser windows (popups) in a brand
    > new process (depending on amount of memory on a machine).
    >
    > When a new IE window opens in a new process it does not have access to
    > session cookies (SessionID) and request coming from a pop creates a
    > new session. I thought that I could use cookies to detect that and
    > point it back to the right (existing) session. Therefore enabling me
    > to use the session variable. Otherwise I will probably do away with
    > using session alltogether and use cookies instead. I am using HTTP
    > Module to handle my authenication and authorization.
    >
    > The reason why session cookie gets "lost" in a new windows is because,
    > it is not persisted cookie and does not expiration date set. If I
    > could force session cookie to have an expiration (thereby saving it
    > onto hard drive and making it available for new browser instances0
    > this would solve my problems too.
    >
    > I am not interested in client setting changes for solving this
    > problem.
    >
    > Thank you very much.
    >
    > Igor.
    > On Sun, 11 Jan 2004 12:19:47 -0600, "Alvin Bruney" <vapor at steaming
    > post office> wrote:
    >
    > >No, that would constitute a security violation. What are you trying to
    > >accomplish? There may be a work around.
    > >
    > >--
    > >Regards,
    > >Alvin Bruney
    > >Got tidbits? Get it here...
    > >http://tinyurl.com/3he3b
    > >"Igor" <> wrote in message
    > >news:...
    > >> Is it possible to point current context's session to another active
    > >> session based on a SessionID?

    > >
    > >

    >
     
    Alvin Bruney, Jan 11, 2004
    #4
  5. Igor

    Igor Guest

    I do not think you understand a problem.
    There is a known intermittent problem in IE.

    Starting with version 5.01 IE had a feature that was designed to
    enable people to use PC resources more efficiently when running IE.
    IE5.01 would spawn a new thread (if there is only one running) to run
    a new window (generated by java pop-up or whatever). Because of that,
    the new window opens up in a new process(and there are machine
    specific conditions that must be satisfied in order for that to
    happen)
    because it is a new process/thread it does not have access to Session
    Cookies (the ones that die when you close your browser). ASP, my
    friend uses Session Cookies to keep track of session (unless you are
    using cookieless sessions and I dont want to see that garbage in my
    url). New window can mean a lost session cookie and popup sever code
    having a different session variable than the page that opened it.

    I would like to hear a comment on this sobjecy from someone @
    microsoft!!

    Cmon Microsoft show us the way out of that one.

    I have not found a better option than not to rely on session in
    pop-ups.


    On Sun, 11 Jan 2004 13:03:06 -0600, "Alvin Bruney" <vapor at steaming
    post office> wrote:

    >> Certain versions of EI open new browser windows (popups) in a brand
    >> new process (depending on amount of memory on a machine).

    >which versions?
    >
    >I'm using code like this and it works fine.
    >In A.aspx i'd like to popup a page B.aspx so i do this in A.aspx
    >[snip]
    >
    >//write code here to persist your variables and stuff from A.aspx that you
    >will need in B.aspx
    >Page.Controls.Add(new LiteralControl("<script>window.open('B.aspx',
    >'"+System.Text.RegularExpressions.Regex.Replace(DateTime.Now.ToString(),"\\D
    >","")+"', 'toolbar=no,scrollbars=yes,width=
    >950,height=550,resizable=yes')</script>"));
    >
    >This will work on up level browsers.
    >
    >For clarification:
    >
    >Page.Controls.Add is a handle to the stream. It's a matter of preference.
    >You could replace it with
    >Response.Write("<script>....
    >
    >The regular expression forces the pop up to be in its own window and not use
    >existing windows. In B.aspx, I have access to session variables because it
    >comes from the same application. I think this or a permutation of it would
    >help you solve your problem.
    >
    >--
    >Regards,
    >Alvin Bruney
    >Got tidbits? Get it here...
    >http://tinyurl.com/3he3b
    >"Igor" <> wrote in message
    >news:...
    >> Certain versions of EI open new browser windows (popups) in a brand
    >> new process (depending on amount of memory on a machine).
    >>
    >> When a new IE window opens in a new process it does not have access to
    >> session cookies (SessionID) and request coming from a pop creates a
    >> new session. I thought that I could use cookies to detect that and
    >> point it back to the right (existing) session. Therefore enabling me
    >> to use the session variable. Otherwise I will probably do away with
    >> using session alltogether and use cookies instead. I am using HTTP
    >> Module to handle my authenication and authorization.
    >>
    >> The reason why session cookie gets "lost" in a new windows is because,
    >> it is not persisted cookie and does not expiration date set. If I
    >> could force session cookie to have an expiration (thereby saving it
    >> onto hard drive and making it available for new browser instances0
    >> this would solve my problems too.
    >>
    >> I am not interested in client setting changes for solving this
    >> problem.
    >>
    >> Thank you very much.
    >>
    >> Igor.
    >> On Sun, 11 Jan 2004 12:19:47 -0600, "Alvin Bruney" <vapor at steaming
    >> post office> wrote:
    >>
    >> >No, that would constitute a security violation. What are you trying to
    >> >accomplish? There may be a work around.
    >> >
    >> >--
    >> >Regards,
    >> >Alvin Bruney
    >> >Got tidbits? Get it here...
    >> >http://tinyurl.com/3he3b
    >> >"Igor" <> wrote in message
    >> >news:...
    >> >> Is it possible to point current context's session to another active
    >> >> session based on a SessionID?
    >> >
    >> >

    >>

    >
    >
     
    Igor, Jan 11, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Roger Stavcode
    Replies:
    0
    Views:
    438
    Roger Stavcode
    Jan 11, 2004
  2. Roger Stavcode
    Replies:
    1
    Views:
    442
    Alvin Bruney
    Jan 17, 2004
  3. VS_NET_DEV
    Replies:
    2
    Views:
    3,816
    jenny
    May 25, 2004
  4. =?Utf-8?B?U3VuU21pbGU=?=
    Replies:
    0
    Views:
    713
    =?Utf-8?B?U3VuU21pbGU=?=
    Jan 10, 2006
  5. asd
    Replies:
    1
    Views:
    445
    www.pulpjava.com
    Nov 9, 2006
Loading...

Share This Page