Session cookie in HTTP header

[Andrew Parish]

I'm writing an application to authenticate a user using a challenge
response mechanism. The client and server components of the
application talk over HTTP.

I would like to use an ASP session object to hold a random number on
the server. The code to store the number is written as part of a VB
web class.

When I read the http header returned from my server, I can't see the
session cookie. Why is this? If I create a normal cookie as part of
my web class, it is returned correctly within the header.

I am using HttpQueryInfo the read the header as follows:

blnReturn = CBool(HttpQueryInfo(hOpenRequest, HTTP_QUERY_RAW_HEADERS,
ByVal strBuffer, Len(strBuffer), 0))

Thanks for your help,
Andrew

 

[Ken Schaefer]

Is ASPSession State turned on? It can be disabled on the server, or in the
actual ASP page (via EnableSessionState=False)

Cheers
Ken


: I'm writing an application to authenticate a user using a challenge
: response mechanism. The client and server components of the
: application talk over HTTP.
:
: I would like to use an ASP session object to hold a random number on
: the server. The code to store the number is written as part of a VB
: web class.
:
: When I read the http header returned from my server, I can't see the
: session cookie. Why is this? If I create a normal cookie as part of
: my web class, it is returned correctly within the header.
:
: I am using HttpQueryInfo the read the header as follows:
:
: blnReturn = CBool(HttpQueryInfo(hOpenRequest, HTTP_QUERY_RAW_HEADERS,
: ByVal strBuffer, Len(strBuffer), 0))
:
: Thanks for your help,
: Andrew