ASP.NET Session

[Vishal]

Hello,

I have one application and two domains are pointed to it

www.myapplication.com and
secure.myapplication.com

In some of the pages where i need to take Credit card numbers i want to use
SSL security.

But when i response.redirect from insecure url to secure url it losts the
session variables. I tried using StateServer and SQL server as session
modes.
The application is same only the domain name is different.

Am i missing anything or do i need to do something with my code?

Regards,
Vishal Dalsania
Rigel Networks

 

[Hans Kesting]

Hello,

I have one application and two domains are pointed to it

www.myapplication.com and
secure.myapplication.com

In some of the pages where i need to take Credit card numbers i want to use
SSL security.

But when i response.redirect from insecure url to secure url it losts the
session variables. I tried using StateServer and SQL server as session modes.
The application is same only the domain name is different.

Am i missing anything or do i need to do something with my code?

Regards,
Vishal Dalsania
Rigel Networks

"Session" depends on cookies. The browser sends the cookies depending
on the URL used. As you use two different URLs, the browser will not
send the session-cookie for "insecure" to "secure" (or vice-versa).

For regular cookies you could set the domain to "myapplication.com", I
don't know if that is possible for the session cookie. Maybe someone
else??

Hans Kesting