Sharing Session state over secure / non-secure requests

Discussion in 'ASP .Net' started by Daniel Malcolm, Jan 24, 2005.

  1. Hi

    I have a site where I would like some pages to be accessed via SSL (login
    and payment etc) and others via regular http. However I'm not sure whether
    Session state can be maintained between the 2 protocols.

    We have SSL set up on the site so that it can be accessed via the same
    domain:

    http://www.mydomain.com/login.aspx
    https://www.mydomain.com/login.aspx

    I understand that the change in protocol might cause the session cookie
    created when the site is accessed via http to be hidden when the same site
    is accessed via https.

    I've also tried running cookieless sessions so that the Session identifier
    is stored in the URL. However Session state does not appear to be shared
    across the different protocols. It looks like a new Session is started when
    the site is accessed via https, as any persisted data cannot be retrieved.

    Is a site running under SSL treated as a separate Application by ASP.net
    with its own Session scope? If so, is there anything that can be done to
    resolve this?

    The alternative seems to be to craete a transfer page where data that needs
    to be passed between 2 sessions is stored in a database and identified via a
    guid. The new Session can then be initialised (and the stored data reset to
    prevent further requests hijacking another person's Session).

    Thanks in advance for any suggestions

    Daniel
    Daniel Malcolm, Jan 24, 2005
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. shamanthakamani
    Replies:
    1
    Views:
    3,469
    Natty Gur
    Nov 20, 2003
  2. Not Liking Dot Net Today
    Replies:
    0
    Views:
    590
    Not Liking Dot Net Today
    Apr 21, 2004
  3. Maciek
    Replies:
    0
    Views:
    8,224
    Maciek
    Sep 15, 2005
  4. Joe
    Replies:
    5
    Views:
    948
    Steven Cheng[MSFT]
    Dec 13, 2005
  5. Les Caudle
    Replies:
    1
    Views:
    339
    Cowboy \(Gregory A. Beamer\)
    Sep 19, 2006
Loading...

Share This Page