473,405 Members | 2,344 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp / active server pages > questions > asp session, cookies and ssl

Join Bytes to post your question to a community of 473,405 software developers and data experts.

ASP Session, Cookies and SSL

I have created a site shopping cart in ASP.net.

I am using ASP session object's SessionID on non SSL connection to track
session.
While adding products to cart DB I insert product and SessionID in table.
All products and cart status pages are on non SSL connection.

On checkout to get secure user information I shifted connection to SSL but
when shifting to SSL, the SessionID changed (As is this is default behavior
of IIS to prevent stealing SSL session).

To get rid of this problem I shifted my all products and cart pages to SSL,
now its working fine but I am not satisfied with this solution because it is
not feasible to put all product pages (about 500 pages) to SSL. As I see
while shopping with big companies sites i.e. Microsoft, Amazon etc. they
change to SSL only in checkout page.

How can I build it like that all pages remains in non SSL and only checkout
pages should be on SSL. One solution may be to use custom cookies to track
session but it may have the same problem of session hijacking/ session
stealing.

Any one please explain me what is the best way to create shopping cart with
SSL, the ASP/ASP.net session or setting own cookies.

Please explain in detail or refer some useful links.

regards,
Adil

Jul 19 '05 #1
1 2106
Adil Akram wrote:
I have created a site shopping cart in ASP.net.

There was no way for you to know it, but this is a classic asp newsgroup.
While you may be lucky enough to find a dotnet-savvy person here who can
answer your question, you can eliminate the luck factor by posting your
question to a group where those dotnet-savvy people hang out. I suggest
microsoft.public.dotnet.framework.aspnet.

--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
Jul 19 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

27
Reality Check: Session Hijacking
by: mrbog | last post by:
Tell me if my assertion is wrong here: The only way to prevent session hijacking is to NEVER store authentication information (such as name/password) in the session. Well, to never authenticate...
PHP
0
HTTPClient Cookies and Session- What am I doing wrong??
by: Maverick | last post by:
Hello all, I read some good reviews about jakarta HTTPClient about its session and cookies management system and fancied giving it a try as a learning exercise but somehow I don't seem to be able...
Java
3
ASP Session variable problem ...
by: PM | last post by:
I'm trying to make a kind of search history containing the 3 last searched words. So I'm using 3 Session Variables: Word1 / Word2 / Word3. In order to get this history working, I need to put the...
ASP / Active Server Pages
2
Cookies , Session Which is Better ? and Global.asa Question
by: Amit D.Shinde | last post by:
Hello Experts.. I need some help regarding cookies and session objects and also global.asa file I am creating one cookie when a user logs in on my website. The cookie stores the login name of...
ASP / Active Server Pages
9
Session object and coockies in asp.net
by: RA | last post by:
Hi Please review and let me know if I am correct: 1) My understanding from reading http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag/html/ diforwc-ch05.asp is that...
ASP.NET
7
session cookies
by: Marcus | last post by:
I know that when you start a session in PHP, the "cookie" it creates is not the same as those that are stored in your browser's temp folder, and instead is kept in RAM. I am confused because in...
PHP
3
Cookies and session variables
by: damezumari | last post by:
To find out were session variables are stored I included this instruction in my program: echo ini_get("session.save_path"); The reply was /home/7604/data/tmp which is a folder on my server. I...
PHP
2
IE does not accept session cookies
by: StanB | last post by:
I came across this weird problem: 1. Session state stops working after the app is deployed to another server because IE does not accept cookies. 2. It works if cookieless="true" in the...
ASP.NET
3
IIS7 - New session id with every request
by: dihola | last post by:
Hi, I have a website running in IIS7 and it seems to be creating a new session for every request I make. The values I store in Session are lost with every request. This is the forms bit in my...
.NET Framework
9
Session handling, login across all subdomains
by: Josh | last post by:
I run a Joomla website and am familiar with php in some but not all aspects. Currently I am trying to find some solutions related to session handling. Am I correct in saying that "login" is kept...
PHP
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!