G
Guest
An ASP.NET session cookie set on "www.mydomain.com" can not be accessed on
"search.mydomain.com"; hence, a new session and cookie are being created on
every sub-domain.
This is occuring because ASP.NET always sets the Session cookie domain to
the full domain (e.g. "www.mydomain.com") instead of the parent domain (e.g.
"mydomain.com")
The problem with this is when the visitor goes to a different sub-domain
(e.g. "search.mydomain.com"), this sub-domain can not access the previously
set Session cookie, and hence, has no idea a session has already been
created. Hence, a new session is created with a new cookie set to
"search.mydomain.com". Now the visitor has two session cookies pointing to
two different sub-domains.
For the past couple of years, I've gotten around this by manually creating a
"ASP.NET_SessionId" cookie pointing to the parent domain (e.g.
"mydomain.com"). That way, all sub-domains have access to the same cookie and
the same session ID. However, this is a hack; I end up with multiple session
cookies pointing to "www.mydomain", "search.mydomain.com", and
"mydomain.com"; not the best solution.
How can I tell ASP.NET to always set the Session cookie domain to
"mydomain.com" so all sub-domains can read it? My research over the past
couple of years tells me this is impossible. This seems to be a major bug
that many people experience, however, I've heard no word of a fix nor any
comment on it from Microsoft.
Doug
"search.mydomain.com"; hence, a new session and cookie are being created on
every sub-domain.
This is occuring because ASP.NET always sets the Session cookie domain to
the full domain (e.g. "www.mydomain.com") instead of the parent domain (e.g.
"mydomain.com")
The problem with this is when the visitor goes to a different sub-domain
(e.g. "search.mydomain.com"), this sub-domain can not access the previously
set Session cookie, and hence, has no idea a session has already been
created. Hence, a new session is created with a new cookie set to
"search.mydomain.com". Now the visitor has two session cookies pointing to
two different sub-domains.
For the past couple of years, I've gotten around this by manually creating a
"ASP.NET_SessionId" cookie pointing to the parent domain (e.g.
"mydomain.com"). That way, all sub-domains have access to the same cookie and
the same session ID. However, this is a hack; I end up with multiple session
cookies pointing to "www.mydomain", "search.mydomain.com", and
"mydomain.com"; not the best solution.
How can I tell ASP.NET to always set the Session cookie domain to
"mydomain.com" so all sub-domains can read it? My research over the past
couple of years tells me this is impossible. This seems to be a major bug
that many people experience, however, I've heard no word of a fix nor any
comment on it from Microsoft.
Doug