M
Manso
Hi all,
We have two ASP.NET applications (App A & B) in two different sites. App B
is consuming a webservice exposed by App A and state is kept using
=========================
If HttpContext.Current.Session("CookieAppB") Is Nothing Then
HttpContext.Current.Session("CookieAppB") = New System.Net.CookieContainer
End If
objWebSvcAppA.CookieContainer = HttpContext.Current.Session("CookieAppB")
.....
=========================
We keep session state in App B because App A uses an authentication
mechanism that can be quite slow perfoming.
Now to the problem. The webservice in App A returns data that is used to
render img tags with the src-attribute pointing back to a page in App A. Is
there anyway I can change the code above so the subsequent requests from the
browser (for the img tag) uses the session information from the first (and
already authenticated) request? This is the flow:
1. App B authenticates and request data from App A.
2. App B renders a page with <img> tags pointing to App A
3. The requests from the browser are not authenticated for the src tags to
App A.
I can't seem to figure out a way to tell App A that the browser is
authenticated. I don't want to store information in the querystring in the
src attribute for security reasons.
Does anyone have any ideas on this? I can't seem to find a good way to
transfer the session container from one application to another.
Thanks in advance!
- MÃ¥ns
We have two ASP.NET applications (App A & B) in two different sites. App B
is consuming a webservice exposed by App A and state is kept using
=========================
If HttpContext.Current.Session("CookieAppB") Is Nothing Then
HttpContext.Current.Session("CookieAppB") = New System.Net.CookieContainer
End If
objWebSvcAppA.CookieContainer = HttpContext.Current.Session("CookieAppB")
.....
=========================
We keep session state in App B because App A uses an authentication
mechanism that can be quite slow perfoming.
Now to the problem. The webservice in App A returns data that is used to
render img tags with the src-attribute pointing back to a page in App A. Is
there anyway I can change the code above so the subsequent requests from the
browser (for the img tag) uses the session information from the first (and
already authenticated) request? This is the flow:
1. App B authenticates and request data from App A.
2. App B renders a page with <img> tags pointing to App A
3. The requests from the browser are not authenticated for the src tags to
App A.
I can't seem to figure out a way to tell App A that the browser is
authenticated. I don't want to store information in the querystring in the
src attribute for security reasons.
Does anyone have any ideas on this? I can't seem to find a good way to
transfer the session container from one application to another.
Thanks in advance!
- MÃ¥ns