By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
425,563 Members | 1,066 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 425,563 IT Pros & Developers. It's quick & easy.

Is this how session and application variables work?

P: n/a
I've got two domain names sharing the same IP address that use ASP VBScript

If I set a session variable with domain 1, it is only available for domain 1 - this is
correct?

If I set an application variable with domain 1, the app variable is sharing across all
domains using that IP address - this is correct?

This is the behavior I am seeing and I want to make sure that my server is set up
correct. I especially want to make sure application variable behavior is correct.

Thank you!



Jul 30 '06 #1
Share this Question
Share on Google+
7 Replies


P: n/a
session variables are for the same web application only, are you talking
about the same web application accessed via 2 domains?
"Victor" <vi*@vic.comwrote in message
news:ON**************@TK2MSFTNGP06.phx.gbl...
I've got two domain names sharing the same IP address that use ASP
VBScript

If I set a session variable with domain 1, it is only available for domain
1 - this is
correct?

If I set an application variable with domain 1, the app variable is
sharing across all
domains using that IP address - this is correct?

This is the behavior I am seeing and I want to make sure that my server is
set up
correct. I especially want to make sure application variable behavior is
correct.

Thank you!



Jul 31 '06 #2

P: n/a

"Victor" <vi*@vic.comwrote in message
news:ON**************@TK2MSFTNGP06.phx.gbl...
I've got two domain names sharing the same IP address that use ASP
VBScript
>
If I set a session variable with domain 1, it is only available for domain
1 - this is
correct?

If I set an application variable with domain 1, the app variable is
sharing across all
domains using that IP address - this is correct?
Nope. The problem is that inorder for the server to identify the session it
sets a session cookie which is sent to the browser. The session cookie will
be rooted in a URL which represents the root of the application. If you use
two different domain names to access the same website they cannot share
sessions.

Eg.

A website is accessed as MyServer as well as MyServer.mydomain.com

It has an application called myapp

Visting http://MyServer/MyApp/Default.asp results in the browser receiving a
session cookie rooted at http://MyServer/MyApp/

Now if in the same browser session you visit another page say
http://MyServer/MyApp/SomeFolder/somepage.asp
the session cookie for http://MyServer/MyApp/ is included in the request
because the root path for the cookie matches the URL requested. This
enables ASP to access session variables that may have be created by
Default.asp earlier because the cookie identifies the session.

Now if, again in the same browser session, you visit yet another page say
http://MyServer.mydomain.com/MyApp/AnotherPage.asp the root path of this URL
does not match the path for which the earlier session cookie was created.
Hence the session cookie is not sent in this request. The server sees
request as needing a new session and does not have any idea about the other
session.

Hope this is clear,

Anthony.
This is the behavior I am seeing and I want to make sure that my server is
set up
correct. I especially want to make sure application variable behavior is
correct.
>
Thank you!



Jul 31 '06 #3

P: n/a
I understand your session explanation - thanks! It's the application variable that has
me perplexed.

If www.mydomain1.com and www.mydomain2.com both share the same IP address (domain
aliases), then I thought that their APPLICATION variables, set and read from the domain
root, would still be different. I'm surprised to see that an app variable set with the
first domain is also available to the aliased second domain.

Vic
"Anthony Jones" <An*@yadayadayada.comwrote in message
news:%2****************@TK2MSFTNGP06.phx.gbl...
>
"Victor" <vi*@vic.comwrote in message
news:ON**************@TK2MSFTNGP06.phx.gbl...
I've got two domain names sharing the same IP address that use ASP
VBScript

If I set a session variable with domain 1, it is only available for domain
1 - this is
correct?

If I set an application variable with domain 1, the app variable is
sharing across all
domains using that IP address - this is correct?

Nope. The problem is that inorder for the server to identify the session it
sets a session cookie which is sent to the browser. The session cookie will
be rooted in a URL which represents the root of the application. If you use
two different domain names to access the same website they cannot share
sessions.

Eg.

A website is accessed as MyServer as well as MyServer.mydomain.com

It has an application called myapp

Visting http://MyServer/MyApp/Default.asp results in the browser receiving a
session cookie rooted at http://MyServer/MyApp/

Now if in the same browser session you visit another page say
http://MyServer/MyApp/SomeFolder/somepage.asp
the session cookie for http://MyServer/MyApp/ is included in the request
because the root path for the cookie matches the URL requested. This
enables ASP to access session variables that may have be created by
Default.asp earlier because the cookie identifies the session.

Now if, again in the same browser session, you visit yet another page say
http://MyServer.mydomain.com/MyApp/AnotherPage.asp the root path of this URL
does not match the path for which the earlier session cookie was created.
Hence the session cookie is not sent in this request. The server sees
request as needing a new session and does not have any idea about the other
session.

Hope this is clear,

Anthony.
This is the behavior I am seeing and I want to make sure that my server is
set up
correct. I especially want to make sure application variable behavior is
correct.

Thank you!





Aug 1 '06 #4

P: n/a
Victor wrote:
I understand your session explanation - thanks! It's the application
variable that has me perplexed.

If www.mydomain1.com and www.mydomain2.com both share the same IP
address (domain aliases), then I thought that their APPLICATION
variables, set and read from the domain root, would still be
different. I'm surprised to see that an app variable set with the
first domain is also available to the aliased second domain.

Vic
I know it's a silly question, but it's got to be asked: have you taken steps
to ensure that the variable value will be different depending on the domain
in which it's running? I mean, you're not just setting an app variable to a
value in the global.asa file and expecting it to only be set in one of the
domains in which it runs are you?

--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
Aug 1 '06 #5

P: n/a

"Victor" <vi*@vic.comwrote in message
news:uI**************@TK2MSFTNGP03.phx.gbl...
I understand your session explanation - thanks! It's the application
variable that has
me perplexed.

If www.mydomain1.com and www.mydomain2.com both share the same IP address
(domain
aliases), then I thought that their APPLICATION variables, set and read
from the domain
root, would still be different. I'm surprised to see that an app variable
set with the
first domain is also available to the aliased second domain.
Sorry misunderstood your question. Yes the behaviour you are seeing is
correct. The ASP application has not interest in the domain name(s) used to
access it and does not depend on anything from the client to identify the
application. Hence all urls which ultimate resolve to the application folder
(or one of its sub-folders) will identify with the same application on the
web server and will share any application variables.

Anthony.
Vic
"Anthony Jones" <An*@yadayadayada.comwrote in message
news:%2****************@TK2MSFTNGP06.phx.gbl...

"Victor" <vi*@vic.comwrote in message
news:ON**************@TK2MSFTNGP06.phx.gbl...
I've got two domain names sharing the same IP address that use ASP
VBScript
>
If I set a session variable with domain 1, it is only available for
domain
1 - this is
correct?
>
If I set an application variable with domain 1, the app variable is
sharing across all
domains using that IP address - this is correct?
>
Nope. The problem is that inorder for the server to identify the
session it
sets a session cookie which is sent to the browser. The session cookie
will
be rooted in a URL which represents the root of the application. If you
use
two different domain names to access the same website they cannot share
sessions.

Eg.

A website is accessed as MyServer as well as MyServer.mydomain.com

It has an application called myapp

Visting http://MyServer/MyApp/Default.asp results in the browser
receiving a
session cookie rooted at http://MyServer/MyApp/

Now if in the same browser session you visit another page say
http://MyServer/MyApp/SomeFolder/somepage.asp
the session cookie for http://MyServer/MyApp/ is included in the
request
because the root path for the cookie matches the URL requested. This
enables ASP to access session variables that may have be created by
Default.asp earlier because the cookie identifies the session.

Now if, again in the same browser session, you visit yet another page
say
http://MyServer.mydomain.com/MyApp/AnotherPage.asp the root path of this
URL
does not match the path for which the earlier session cookie was
created.
Hence the session cookie is not sent in this request. The server sees
request as needing a new session and does not have any idea about the
other
session.

Hope this is clear,

Anthony.
This is the behavior I am seeing and I want to make sure that my
server is
set up
correct. I especially want to make sure application variable behavior
is
correct.
>
Thank you!
>
>
>
>
>
>
>


Aug 1 '06 #6

P: n/a

"Anthony Jones" <An*@yadayadayada.comwrote in message
news:Oq**************@TK2MSFTNGP03.phx.gbl...
>
"Victor" <vi*@vic.comwrote in message
news:uI**************@TK2MSFTNGP03.phx.gbl...
I understand your session explanation - thanks! It's the application
variable that has
me perplexed.

If www.mydomain1.com and www.mydomain2.com both share the same IP address
(domain
aliases), then I thought that their APPLICATION variables, set and read
from the domain
root, would still be different. I'm surprised to see that an app variable
set with the
first domain is also available to the aliased second domain.

Sorry misunderstood your question. Yes the behaviour you are seeing is
correct. The ASP application has not interest in the domain name(s) used to
access it and does not depend on anything from the client to identify the
application. Hence all urls which ultimate resolve to the application folder
(or one of its sub-folders) will identify with the same application on the
web server and will share any application variables.

Anthony.
Vic
"Anthony Jones" <An*@yadayadayada.comwrote in message
news:%2****************@TK2MSFTNGP06.phx.gbl...
>
"Victor" <vi*@vic.comwrote in message
news:ON**************@TK2MSFTNGP06.phx.gbl...
I've got two domain names sharing the same IP address that use ASP
VBScript

If I set a session variable with domain 1, it is only available for
domain
1 - this is
correct?

If I set an application variable with domain 1, the app variable is
sharing across all
domains using that IP address - this is correct?

>
Nope. The problem is that inorder for the server to identify the
session it
sets a session cookie which is sent to the browser. The session cookie
will
be rooted in a URL which represents the root of the application. If you
use
two different domain names to access the same website they cannot share
sessions.
>
Eg.
>
A website is accessed as MyServer as well as MyServer.mydomain.com
>
It has an application called myapp
>
Visting http://MyServer/MyApp/Default.asp results in the browser
receiving a
session cookie rooted at http://MyServer/MyApp/
>
Now if in the same browser session you visit another page say
http://MyServer/MyApp/SomeFolder/somepage.asp
the session cookie for http://MyServer/MyApp/ is included in the
request
because the root path for the cookie matches the URL requested. This
enables ASP to access session variables that may have be created by
Default.asp earlier because the cookie identifies the session.
>
Now if, again in the same browser session, you visit yet another page
say
http://MyServer.mydomain.com/MyApp/AnotherPage.asp the root path of this
URL
does not match the path for which the earlier session cookie was
created.
Hence the session cookie is not sent in this request. The server sees
request as needing a new session and does not have any idea about the
other
session.
>
Hope this is clear,
>
Anthony.
>
This is the behavior I am seeing and I want to make sure that my
server is
set up
correct. I especially want to make sure application variable behavior
is
correct.

Thank you!







>
>


Aug 2 '06 #7

P: n/a
"Anthony Jones" <An*@yadayadayada.comwrote in message
news:Oq**************@TK2MSFTNGP03.phx.gbl...
Sorry misunderstood your question. Yes the behaviour you are seeing is
correct. The ASP application has not interest in the domain name(s) used to
access it and does not depend on anything from the client to identify the
application. Hence all urls which ultimate resolve to the application folder
(or one of its sub-folders) will identify with the same application on the
web server and will share any application variables.

Anthony.
This makes sense. Thank, Anthony.

Vic

Aug 2 '06 #8

This discussion thread is closed

Replies have been disabled for this discussion.