Assuming an existing session

[Mikey C]

Hi there,

I am using ASP.NET 2.0.

The problem I am facing stems from the fact that the Flash plugin for
Firefox does not have access to the browser's cookies. The flash
component I am using takes input from the user, and then makes an HTTP
form post based on this input. Because the Flash plugin can't access
the ASP.NET session cookie, it can't pass it through with the post, so
the server processes these posts as if they were on a new session. This
is bad for me because I need to ensure that the user is logged in before
processing these posts. I would add the the Flash plugin for IE *does*
pass through the cookie OK, and everything works as expected (the posts
are processed on the same session on which they were made).

So the simplest approach seemed to be to pass the session ID through on
the querystring, and then somehow in code tell the server to process the
request as if it was on this session (essentially the same as what
happens with cookieless sessions). So I am not trying to share a
session across multiple users, I am trying to maintain session state for
one user across a special HTTP call where cookies are not present. I
want to avoid cookieless sessions if possible, as these would complicate
the design of our site.

ASP.NET clearly has the ability to do this, as at some point in the page
lifecycle, it must read the session ID, either from the querystring
(cookieless) or the cookie, and look up the state based on this cookie
(whether that be in-proc or in a database). What I am asking is, as a
programmer, is this mechanism exposed to me? I've been searching for a
long time for the answer to this question.

Cheers,

Mike

 

[Mikey C]

Hi there,

I am using ASP.NET 2.0.

The problem I am facing stems from the fact that the Flash plugin for
Firefox does not have access to the browser's cookies. The flash
component I am using takes input from the user, and then makes an HTTP
form post based on this input. Because the Flash plugin can't access
the ASP.NET session cookie, it can't pass it through with the post, so
the server processes these posts as if they were on a new session. This
is bad for me because I need to ensure that the user is logged in before
processing these posts. I would add the the Flash plugin for IE *does*
pass through the cookie OK, and everything works as expected (the posts
are processed on the same session on which they were made).

So the simplest approach seemed to be to pass the session ID through on
the querystring, and then somehow in code tell the server to process the
request as if it was on this session (essentially the same as what
happens with cookieless sessions). So I am not trying to share a
session across multiple users, I am trying to maintain session state for
one user across a special HTTP call where cookies are not present. I
want to avoid cookieless sessions if possible, as these would complicate
the design of our site.

ASP.NET clearly has the ability to do this, as at some point in the page
lifecycle, it must read the session ID, either from the querystring
(cookieless) or the cookie, and look up the state based on this cookie
(whether that be in-proc or in a database). What I am asking is, as a
programmer, is this mechanism exposed to me? I've been searching for a
long time for the answer to this question.

Cheers,

Mike

Agh! So there really is no answer to this? Surely SOMEONE must know?
Just a simple yes or no would be great. It's driving me crazy!

Mike