Hi,
I have the following scenario
Page A.asp call page B.asp
Page B.asp need to load page C.asp make some changes and return
the result to IE
when A.asp is first running IIS create a session object
and B.asp need to pass the session cookie(?) to C.asp
How exactly ASP page maintains sessions?
How can pass the session from A to C using B
Note that b is in a different domain.
thanks 14 1873
Julia wrote on 15 aug 2004 in microsoft.publi c.inetserver.as p.general: when A.asp is first running IIS create a session object and B.asp need to pass the session cookie(?) to C.asp
How exactly ASP page maintains sessions? How can pass the session from A to C using B
Note that b is in a different domain.
The session cookie is domain specific.
ASP-sessions are not "passed" from one page to the other.
If no session cookie is found a new session is placed.
If such cookie placing is deactivated [clientside = browser],
every page is a new session.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
I know that,that is way I asked the question!!!
i assume the session ID(explorer unique id?) is passed in the HTTP request
so I wonder if I can some how extract it using ISAPI or other.
and thant pass it to the other page.
thanks
"Evertjan." <ex************ **@interxnl.net > wrote in message
news:Xn******** ************@19 4.109.133.29... Julia wrote on 15 aug 2004 in microsoft.publi c.inetserver.as p.general:
when A.asp is first running IIS create a session object and B.asp need to pass the session cookie(?) to C.asp
How exactly ASP page maintains sessions? How can pass the session from A to C using B
Note that b is in a different domain.
The session cookie is domain specific.
ASP-sessions are not "passed" from one page to the other.
If no session cookie is found a new session is placed.
If such cookie placing is deactivated [clientside = browser], every page is a new session.
-- Evertjan. The Netherlands. (Please change the x'es to dots in my emailaddress)
Ha....what you ment to say that ASP create a special cookie which represent
the session
sent it to the client
and that cookie is sent to the server each request?
(and of course cookie is domain specific)
what if I get this cookie in page A and send it in the URL as a parameter to
page B?
thanks.
"Julia" <co********@012 .net.il> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. .. I know that,that is way I asked the question!!! i assume the session ID(explorer unique id?) is passed in the HTTP request so I wonder if I can some how extract it using ISAPI or other. and thant pass it to the other page.
thanks
"Evertjan." <ex************ **@interxnl.net > wrote in message news:Xn******** ************@19 4.109.133.29... Julia wrote on 15 aug 2004 in microsoft.publi c.inetserver.as p.general:
when A.asp is first running IIS create a session object and B.asp need to pass the session cookie(?) to C.asp
How exactly ASP page maintains sessions? How can pass the session from A to C using B
Note that b is in a different domain.
The session cookie is domain specific.
ASP-sessions are not "passed" from one page to the other.
If no session cookie is found a new session is placed.
If such cookie placing is deactivated [clientside = browser], every page is a new session.
-- Evertjan. The Netherlands. (Please change the x'es to dots in my emailaddress)
Julia wrote on 15 aug 2004 in microsoft.publi c.inetserver.as p.general: "Evertjan." <ex************ **@interxnl.net > wrote in message news:Xn******** ************@19 4.109.133.29... Julia wrote on 15 aug 2004 in microsoft.publi c.inetserver.as p.general:
> when A.asp is first running IIS create a session object > and B.asp need to pass the session cookie(?) to C.asp > > How exactly ASP page maintains sessions? > How can pass the session from A to C using B > > Note that b is in a different domain. > The session cookie is domain specific.
ASP-sessions are not "passed" from one page to the other.
If no session cookie is found a new session is placed.
If such cookie placing is deactivated [clientside = browser], every page is a new session.
[please do not toppost on usenet]
I know that,that is way I asked the question!!!
That is nice, but it would be helpful if you stated what you already know
IN the OQ. That way the risk of being ploncked or ignored is less.
i assume the session ID(explorer unique id?)
No, not 'explorer unique'. It is a serverside generated ID, so unique to
the server only. It has nothing to do with the browser, but for the
browser filing and returning the ID.
... is passed in the HTTP request so I wonder if I can some how extract it using ISAPI or other. and thant pass it to the other page.
That would be a breach of security. Inter domain sessions are just not
the ASP way.
==========
Why not build it yourself using a serverside database and querystrings
with your own "session ID"?
This has been discused many times on this NG. Read the archives.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Thanks,
couple more question please
1.When B call C,than the server which host C generate a session ID for B as
well?
2.suppose in C.asp i am returning the SessionID to B and save it in a data
base
than when B call C again,can i transform the saved Id to the session
Cookie?
(put it into the HTTP hedaers?)
3." [please do not toppost on usenet]"- I don't understand.
"Why not build it yourself using a server database and querystrings
with your own "session ID"?"
A and C belongs to other organization,we are trying to plug additional
capabilities to their site
with as less as possible changes.
"Evertjan." <ex************ **@interxnl.net > wrote in message
news:Xn******** ************@19 4.109.133.29... Julia wrote on 15 aug 2004 in microsoft.publi c.inetserver.as p.general: "Evertjan." <ex************ **@interxnl.net > wrote in message news:Xn******** ************@19 4.109.133.29... Julia wrote on 15 aug 2004 in microsoft.publi c.inetserver.as p.general:
> when A.asp is first running IIS create a session object > and B.asp need to pass the session cookie(?) to C.asp > > How exactly ASP page maintains sessions? > How can pass the session from A to C using B > > Note that b is in a different domain. >
The session cookie is domain specific.
ASP-sessions are not "passed" from one page to the other.
If no session cookie is found a new session is placed.
If such cookie placing is deactivated [clientside = browser], every page is a new session.
[please do not toppost on usenet]
I know that,that is way I asked the question!!!
That is nice, but it would be helpful if you stated what you already know IN the OQ. That way the risk of being ploncked or ignored is less.
i assume the session ID(explorer unique id?)
No, not 'explorer unique'. It is a serverside generated ID, so unique to the server only. It has nothing to do with the browser, but for the browser filing and returning the ID.
... is passed in the HTTP request so I wonder if I can some how extract it using ISAPI or other. and thant pass it to the other page.
That would be a breach of security. Inter domain sessions are just not the ASP way.
==========
Why not build it yourself using a serverside database and querystrings with your own "session ID"?
This has been discused many times on this NG. Read the archives.
-- Evertjan. The Netherlands. (Please change the x'es to dots in my emailaddress)
Julia wrote on 15 aug 2004 in microsoft.publi c.inetserver.as p.general: Ha....what you ment to say that ASP create a special cookie which represent the session sent it to the client and that cookie is sent to the server each request? (and of course cookie is domain specific)
what if I get this cookie in page A and send it in the URL as a parameter to page B?
No, it has to go in the header of page b and be recognized by the asp
engine as a not timed out session.id given out by the page b asp engine.
Why not try it out by starting all three the pages with:
<%
if session("isStar ted")<>"Yes!" then
response.write "New session started with this page"
session("isStar ted")="Yes!"
else
response.write "Old session recognized, hurray!"
end if
%>
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Julia wrote on 15 aug 2004 in microsoft.publi c.inetserver.as p.general: 1.When B call C,than the server which host C generate a session ID for B as well?
[See my example code in the other posting]
Each session only has one session.id.
2.suppose in C.asp i am returning the SessionID to B and save it in a data base than when B call C again,can i transform the saved Id to the session Cookie? (put it into the HTTP hedaers?)
Do not try to do what is expressly excluded. You cannot access the
session cookie with clientside code. You cannot force an asp-server to
use a different session.id.
3." [please do not toppost on usenet]"- I don't understand.
Read up on topposting via google.
Topposting is fowned upon by many, including me.
<http://www.google.com/search?q=top.po sting> 24.200 hits "Why not build it yourself using a server database and querystrings with your own "session ID"?" A and C belongs to other organization,we are trying to plug additional capabilities to their site with as less as possible changes.
So you only page B is under your control?
A and C are the same domain?
Are they asp?
Then their (A and C's) security should prevent you from meddling.
The only way to do what you want, IMHO, is data mining their pages and
reconstructing them as your own. Offering that to the web could be a
copyright infringement.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
"Evertjan." <ex************ **@interxnl.net > wrote in message
news:Xn******** ************@19 4.109.133.29... Julia wrote on 15 aug 2004 in microsoft.publi c.inetserver.as p.general: 1.When B call C,than the server which host C generate a session ID for B as well? [See my example code in the other posting]
Each session only has one session.id.
2.suppose in C.asp i am returning the SessionID to B and save it in a data base than when B call C again,can i transform the saved Id to the session Cookie? (put it into the HTTP hedaers?)
Do not try to do what is expressly excluded. You cannot access the session cookie with clientside code. You cannot force an asp-server to use a different session.id.
Yes you can, why exactly not? Read up on DOM and how to use it in
JavaScript. If you do this successfully it's called session hi-jacking, and
is one of the simplest security attacks. 3." [please do not toppost on usenet]"- I don't understand.
Read up on topposting via google. Topposting is fowned upon by many, including me.
<http://www.google.com/search?q=top.po sting> 24.200 hits
Many, but most people do not give a damn. And mostly Europeans will educate
you on how badly you behave (do not top post, use the metric system, it's
just annoying). "Why not build it yourself using a server database and querystrings with your own "session ID"?" A and C belongs to other organization,we are trying to plug additional capabilities to their site with as less as possible changes.
So you only page B is under your control? A and C are the same domain? Are they asp?
Then their (A and C's) security should prevent you from meddling. The only way to do what you want, IMHO, is data mining their pages and reconstructing them as your own. Offering that to the web could be a copyright infringement.
Could but probably won't. The real problem is that each server envirenment
has its own cookies, so even if you force your server to use the same
session ID as the one you're trying to interact with you will fail, because
the other server will not know a session by that id (and vice versa).
-- Evertjan. The Netherlands. (Please change the x'es to dots in my emailaddress)
Jerry
Jerry Pisk wrote on 15 aug 2004 in
microsoft.publi c.inetserver.as p.general: 3." [please do not toppost on usenet]"- I don't understand.
Read up on topposting via google. Topposting is fowned upon by many, including me.
<http://www.google.com/search?q=top.po sting> 24.200 hits
Many, but most people do not give a damn. And mostly Europeans will educate you on how badly you behave (do not top post, use the metric system, it's just annoying).
I politely asked in this thread not to toppost, Jerry.
I did not say that was bad behavour, I just frown upon it.
However if you think that topposting is bad behavour on usenet, and that
you do not give a damn [and even without any shown proof suggest that most
people think like you], I can sympatize that would be very annoying to you.
Do you feel the Europeans are your moral watchdogs?
And also an inferiority feeling about inches, ounces and miles?
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress) This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Bo |
last post by:
HI guys:
I use vb create a DLL compoment(SessionManger.dll) which is used in
ASP page.
in ASP page(test.asp) code:
<%@ Language=VBScript %>
<%response.buffer = true%>
<%
dim Session
set Session = server.CreateObject("SessionMgr.Session2")
|
by: mjkahn |
last post by:
I've read (and read!) that you shouldn't store objects in Session variables.
I've read these reasons:
- The object takes up memory that may not be freed until the session times
out. Better to create the object only when you actually use it.
- Causes poor performance because the thread that created the object has to
service all requests for it.
Assuming I can live with the memory and performance implications (a big if,
|
by: Chris Ericoli |
last post by:
Hi,
I am working with an 'in session' ado dataset with an asp.net application.
My dataset is comprised of two tables, one of which maintains a few
calculated datacolumns. For some reason these datacolumns do not trigger
their expression when other columns from which the expressions are derived
are updated. Below is a basic example of what I am doing.
User enters values into an asp.net form and clicks a button.
Retrieve dataset from...
|
by: Børge Hansen |
last post by:
Hi.
I am trying to create functionality for saving the contents (state) of a
page. The idea is that when navigating away from a webpage and later
returning the state of the textboxes, etc should be reinstated.... Just like
Viewstate, but not....
Basicly I have a tabbed GUI and wants to make the webapp work like a winform
with tabs....
|
by: Tom wilson |
last post by:
I have created a very simple example that doesn't work. Form1
contains a textbox and a button:
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e
As System.EventArgs) Handles Button1.Click
Response.Redirect("login.aspx")
End Sub
Very simple. Forget what login.aspx does, it's just somewhere to
redirect to.
| |
by: Bill Manring |
last post by:
The startup page for my ASP.NET application is an HTML frames page with two
frames. This seems to cause the Session_Start event in the Global.asax file
to fire twice. When I change the startup page to an ordinary aspx page, the
event only fires once.
I would like to run some concurrent license checking code when the
Session_Start event fires, so I either need to figure out how to stop it from
firing twice or to figure aout a way to...
|
by: Irfan Akram |
last post by:
Hi Guys,
I have got a few Listbox bontrols on my web-page. When I select a certain
list, further selection is possible from the other listboxes. The problem is
that whenever I get transferred to another page, I do some more work, but
when I get back to the original page all my selection of the Listboxes has
resetted again, which is quite annoying for the users of my site.
Is there anyway in asp.net, that I when I go back to the...
|
by: py |
last post by:
how feasible is it to cache an entire page's content in a session variable?
i am already doing it and it works fine, except i am afraid of scalability
issues. what is the best way to test this? and is there an obvious reason
why i should not do this.
|
by: divya |
last post by:
I have a page name edit.asp which should expire immediately .The user
cannot open this page directly he has to provide a password for
entering this page.thus when the user enters edit.asp , it has a button
EDIT ,which when user clicks directs him to another page (done.asp).
Now the problem is that from this page (done.asp) if he clicks on the
back button on the toolbar then edit.asp opens.But I don't want it to
open It should show page...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |