473,387 Members | 1,834 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > share session between secure and non-secure applications

Join Bytes to post your question to a community of 473,387 software developers and data experts.

Share session between secure and non-secure applications

Joe
I have an application which runs in a non-secure environment. I also have an
application that runs in a secure environment (both on the same machine). Is
there any way to share the session data for this?

Most of the site allows the user to add things to a cart (non-secure), once
they choose to check-out, I need this information which was stored in the
session to be read by the payment page(secured).

Hope this makes sense. It's probably not the best way to handle it. Any
suggestions are more than welcome.

Thanks,
Joe
Dec 7 '05 #1
5 2147
I don't think you would want to store things like that in session. If the
user timesout because they left for lunch, then come back and click
something they will have an empty cart because they will have a new session.

Additionally, there is no way I know of to share data between two different
applications.

Is there a reason this wouldn't all just be one application?

Regardless, I recommend you store cart contents in a cookie or something so
you are not dependent on session state.

"Joe" <jb*******@noemail.noemail> wrote in message
news:OB***************@TK2MSFTNGP15.phx.gbl...
I have an application which runs in a non-secure environment. I also have
an application that runs in a secure environment (both on the same
machine). Is there any way to share the session data for this?

Most of the site allows the user to add things to a cart (non-secure),
once they choose to check-out, I need this information which was stored in
the session to be read by the payment page(secured).

Hope this makes sense. It's probably not the best way to handle it. Any
suggestions are more than welcome.

Thanks,
Joe

Dec 7 '05 #2
Thanks for Marina's inputs.

Hi Joe,

For sessionState, different ASP.NET application can not share the same
sesstion storage (no matter what session mode it uses....). I'm also
wondering whether it possible that you combine the wo application into one
single asp.net web application, that'll make share ASP.NET states quite
simple. In addition, if we do need to make those two application part
separated and share some datas, I think some other persistence storage such
as database storage.....

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| From: "Marina" <so*****@nospam.com>
| References: <OB*************@TK2MSFTNGP15.phx.gbl>
| Subject: Re: Share session between secure and non-secure applications
| Date: Wed, 7 Dec 2005 14:10:30 -0500
| Lines: 30
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| X-RFC2646: Format=Flowed; Response
| Message-ID: <u2*************@TK2MSFTNGP09.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: gw.deltek.com 63.72.155.97
| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP09.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:363457
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| I don't think you would want to store things like that in session. If the
| user timesout because they left for lunch, then come back and click
| something they will have an empty cart because they will have a new
session.
|
| Additionally, there is no way I know of to share data between two
different
| applications.
|
| Is there a reason this wouldn't all just be one application?
|
| Regardless, I recommend you store cart contents in a cookie or something
so
| you are not dependent on session state.
|
| "Joe" <jb*******@noemail.noemail> wrote in message
| news:OB***************@TK2MSFTNGP15.phx.gbl...
| >I have an application which runs in a non-secure environment. I also
have
| >an application that runs in a secure environment (both on the same
| >machine). Is there any way to share the session data for this?
| >
| > Most of the site allows the user to add things to a cart (non-secure),
| > once they choose to check-out, I need this information which was stored
in
| > the session to be read by the payment page(secured).
| >
| > Hope this makes sense. It's probably not the best way to handle it. Any
| > suggestions are more than welcome.
| >
| > Thanks,
| > Joe
| >
|
|
|

Dec 8 '05 #3
Joe
Hi Steve,

I would like to use a single application but I don't see how I can do that
since there are two different locations (same machine though) for the secure
and non-secure pages.

I was trying to use cookies like Marina suggested but these can't be shared
either.

If I go the database route, how do I know when to delete the records?

-Joe

"Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
news:Gv***************@TK2MSFTNGXA02.phx.gbl...
Thanks for Marina's inputs.

Hi Joe,

For sessionState, different ASP.NET application can not share the same
sesstion storage (no matter what session mode it uses....). I'm also
wondering whether it possible that you combine the wo application into one
single asp.net web application, that'll make share ASP.NET states quite
simple. In addition, if we do need to make those two application part
separated and share some datas, I think some other persistence storage
such
as database storage.....

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| From: "Marina" <so*****@nospam.com>
| References: <OB*************@TK2MSFTNGP15.phx.gbl>
| Subject: Re: Share session between secure and non-secure applications
| Date: Wed, 7 Dec 2005 14:10:30 -0500
| Lines: 30
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| X-RFC2646: Format=Flowed; Response
| Message-ID: <u2*************@TK2MSFTNGP09.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: gw.deltek.com 63.72.155.97
| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP09.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:363457
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| I don't think you would want to store things like that in session. If
the
| user timesout because they left for lunch, then come back and click
| something they will have an empty cart because they will have a new
session.
|
| Additionally, there is no way I know of to share data between two
different
| applications.
|
| Is there a reason this wouldn't all just be one application?
|
| Regardless, I recommend you store cart contents in a cookie or something
so
| you are not dependent on session state.
|
| "Joe" <jb*******@noemail.noemail> wrote in message
| news:OB***************@TK2MSFTNGP15.phx.gbl...
| >I have an application which runs in a non-secure environment. I also
have
| >an application that runs in a secure environment (both on the same
| >machine). Is there any way to share the session data for this?
| >
| > Most of the site allows the user to add things to a cart (non-secure),
| > once they choose to check-out, I need this information which was
stored
in
| > the session to be read by the payment page(secured).
| >
| > Hope this makes sense. It's probably not the best way to handle it.
Any
| > suggestions are more than welcome.
| >
| > Thanks,
| > Joe
| >
|
|
|

Dec 8 '05 #4
Hi Joe,

For SSL securing, based on my understanding , IIS server support
configuring the SSL protection setting(requiring secure channel) based on
virtual dir level( not application level). So you can put those two
applications into one asp.net application and in different sub folder.
Then, we can configure different ssl protection for them....

Also, for data deleting when using sqlserver as backend data storage, we
may need to manually create a background service(using a background thread
to monitior and deleting expired data or using Sqlserver Agent's Job....)

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| From: "Joe" <jb*******@noemail.noemail>
| References: <OB*************@TK2MSFTNGP15.phx.gbl>
<u2*************@TK2MSFTNGP09.phx.gbl>
<Gv*************@TK2MSFTNGXA02.phx.gbl>
| Subject: Re: Share session between secure and non-secure applications
| Date: Thu, 8 Dec 2005 02:51:32 -0500
| Lines: 97
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| X-RFC2646: Format=Flowed; Original
| Message-ID: <e3**************@TK2MSFTNGP11.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| NNTP-Posting-Host: 69.37.58.70.adsl.snet.net 69.37.58.70
| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP11.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:363576
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
|
| Hi Steve,
|
| I would like to use a single application but I don't see how I can do
that
| since there are two different locations (same machine though) for the
secure
| and non-secure pages.
|
| I was trying to use cookies like Marina suggested but these can't be
shared
| either.
|
| If I go the database route, how do I know when to delete the records?
|
| -Joe
|
| "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| news:Gv***************@TK2MSFTNGXA02.phx.gbl...
| > Thanks for Marina's inputs.
| >
| > Hi Joe,
| >
| > For sessionState, different ASP.NET application can not share the same
| > sesstion storage (no matter what session mode it uses....). I'm also
| > wondering whether it possible that you combine the wo application into
one
| > single asp.net web application, that'll make share ASP.NET states quite
| > simple. In addition, if we do need to make those two application part
| > separated and share some datas, I think some other persistence storage
| > such
| > as database storage.....
| >
| > Thanks,
| >
| > Steven Cheng
| > Microsoft Online Support
| >
| > Get Secure! www.microsoft.com/security
| > (This posting is provided "AS IS", with no warranties, and confers no
| > rights.)
| > --------------------
| > | From: "Marina" <so*****@nospam.com>
| > | References: <OB*************@TK2MSFTNGP15.phx.gbl>
| > | Subject: Re: Share session between secure and non-secure applications
| > | Date: Wed, 7 Dec 2005 14:10:30 -0500
| > | Lines: 30
| > | X-Priority: 3
| > | X-MSMail-Priority: Normal
| > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| > | X-RFC2646: Format=Flowed; Response
| > | Message-ID: <u2*************@TK2MSFTNGP09.phx.gbl>
| > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| > | NNTP-Posting-Host: gw.deltek.com 63.72.155.97
| > | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP09.phx.gbl
| > | Xref: TK2MSFTNGXA02.phx.gbl
| > microsoft.public.dotnet.framework.aspnet:363457
| > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| > |
| > | I don't think you would want to store things like that in session. If
| > the
| > | user timesout because they left for lunch, then come back and click
| > | something they will have an empty cart because they will have a new
| > session.
| > |
| > | Additionally, there is no way I know of to share data between two
| > different
| > | applications.
| > |
| > | Is there a reason this wouldn't all just be one application?
| > |
| > | Regardless, I recommend you store cart contents in a cookie or
something
| > so
| > | you are not dependent on session state.
| > |
| > | "Joe" <jb*******@noemail.noemail> wrote in message
| > | news:OB***************@TK2MSFTNGP15.phx.gbl...
| > | >I have an application which runs in a non-secure environment. I also
| > have
| > | >an application that runs in a secure environment (both on the same
| > | >machine). Is there any way to share the session data for this?
| > | >
| > | > Most of the site allows the user to add things to a cart
(non-secure),
| > | > once they choose to check-out, I need this information which was
| > stored
| > in
| > | > the session to be read by the payment page(secured).
| > | >
| > | > Hope this makes sense. It's probably not the best way to handle it.
| > Any
| > | > suggestions are more than welcome.
| > | >
| > | > Thanks,
| > | > Joe
| > | >
| > |
| > |
| > |
| >
|
|
|

Dec 9 '05 #5
Hey Joe,

Any further progress? If anything else we can help, please feel free to
post here.

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| X-Tomcat-ID: 132683453
| References: <OB*************@TK2MSFTNGP15.phx.gbl>
<u2*************@TK2MSFTNGP09.phx.gbl>
<Gv*************@TK2MSFTNGXA02.phx.gbl>
<e3**************@TK2MSFTNGP11.phx.gbl>
| MIME-Version: 1.0
| Content-Type: text/plain
| Content-Transfer-Encoding: 7bit
| From: st*****@online.microsoft.com (Steven Cheng[MSFT])
| Organization: Microsoft
| Date: Fri, 09 Dec 2005 07:52:52 GMT
| Subject: Re: Share session between secure and non-secure applications
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| Message-ID: <hu**************@TK2MSFTNGXA02.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| Lines: 133
| Path: TK2MSFTNGXA02.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:363797
| NNTP-Posting-Host: tomcatimport2.phx.gbl 10.201.218.182
|
| Hi Joe,
|
| For SSL securing, based on my understanding , IIS server support
| configuring the SSL protection setting(requiring secure channel) based on
| virtual dir level( not application level). So you can put those two
| applications into one asp.net application and in different sub folder.
| Then, we can configure different ssl protection for them....
|
| Also, for data deleting when using sqlserver as backend data storage, we
| may need to manually create a background service(using a background
thread
| to monitior and deleting expired data or using Sqlserver Agent's Job....)
|
| Thanks,
|
| Steven Cheng
| Microsoft Online Support
|
| Get Secure! www.microsoft.com/security
| (This posting is provided "AS IS", with no warranties, and confers no
| rights.)
|
|
| --------------------
| | From: "Joe" <jb*******@noemail.noemail>
| | References: <OB*************@TK2MSFTNGP15.phx.gbl>
| <u2*************@TK2MSFTNGP09.phx.gbl>
| <Gv*************@TK2MSFTNGXA02.phx.gbl>
| | Subject: Re: Share session between secure and non-secure applications
| | Date: Thu, 8 Dec 2005 02:51:32 -0500
| | Lines: 97
| | X-Priority: 3
| | X-MSMail-Priority: Normal
| | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| | X-RFC2646: Format=Flowed; Original
| | Message-ID: <e3**************@TK2MSFTNGP11.phx.gbl>
| | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | NNTP-Posting-Host: 69.37.58.70.adsl.snet.net 69.37.58.70
| | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP11.phx.gbl
| | Xref: TK2MSFTNGXA02.phx.gbl
| microsoft.public.dotnet.framework.aspnet:363576
| | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| |
| | Hi Steve,
| |
| | I would like to use a single application but I don't see how I can do
| that
| | since there are two different locations (same machine though) for the
| secure
| | and non-secure pages.
| |
| | I was trying to use cookies like Marina suggested but these can't be
| shared
| | either.
| |
| | If I go the database route, how do I know when to delete the records?
| |
| | -Joe
| |
| | "Steven Cheng[MSFT]" <st*****@online.microsoft.com> wrote in message
| | news:Gv***************@TK2MSFTNGXA02.phx.gbl...
| | > Thanks for Marina's inputs.
| | >
| | > Hi Joe,
| | >
| | > For sessionState, different ASP.NET application can not share the same
| | > sesstion storage (no matter what session mode it uses....). I'm also
| | > wondering whether it possible that you combine the wo application
into
| one
| | > single asp.net web application, that'll make share ASP.NET states
quite
| | > simple. In addition, if we do need to make those two application part
| | > separated and share some datas, I think some other persistence
storage
| | > such
| | > as database storage.....
| | >
| | > Thanks,
| | >
| | > Steven Cheng
| | > Microsoft Online Support
| | >
| | > Get Secure! www.microsoft.com/security
| | > (This posting is provided "AS IS", with no warranties, and confers no
| | > rights.)
| | > --------------------
| | > | From: "Marina" <so*****@nospam.com>
| | > | References: <OB*************@TK2MSFTNGP15.phx.gbl>
| | > | Subject: Re: Share session between secure and non-secure
applications
| | > | Date: Wed, 7 Dec 2005 14:10:30 -0500
| | > | Lines: 30
| | > | X-Priority: 3
| | > | X-MSMail-Priority: Normal
| | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| | > | X-RFC2646: Format=Flowed; Response
| | > | Message-ID: <u2*************@TK2MSFTNGP09.phx.gbl>
| | > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | > | NNTP-Posting-Host: gw.deltek.com 63.72.155.97
| | > | Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGP09.phx.gbl
| | > | Xref: TK2MSFTNGXA02.phx.gbl
| | > microsoft.public.dotnet.framework.aspnet:363457
| | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| | > |
| | > | I don't think you would want to store things like that in session.
If
| | > the
| | > | user timesout because they left for lunch, then come back and click
| | > | something they will have an empty cart because they will have a new
| | > session.
| | > |
| | > | Additionally, there is no way I know of to share data between two
| | > different
| | > | applications.
| | > |
| | > | Is there a reason this wouldn't all just be one application?
| | > |
| | > | Regardless, I recommend you store cart contents in a cookie or
| something
| | > so
| | > | you are not dependent on session state.
| | > |
| | > | "Joe" <jb*******@noemail.noemail> wrote in message
| | > | news:OB***************@TK2MSFTNGP15.phx.gbl...
| | > | >I have an application which runs in a non-secure environment. I
also
| | > have
| | > | >an application that runs in a secure environment (both on the same
| | > | >machine). Is there any way to share the session data for this?
| | > | >
| | > | > Most of the site allows the user to add things to a cart
| (non-secure),
| | > | > once they choose to check-out, I need this information which was
| | > stored
| | > in
| | > | > the session to be read by the payment page(secured).
| | > | >
| | > | > Hope this makes sense. It's probably not the best way to handle
it.
| | > Any
| | > | > suggestions are more than welcome.
| | > | >
| | > | > Thanks,
| | > | > Joe
| | > | >
| | > |
| | > |
| | > |
| | >
| |
| |
| |
|
|

Dec 13 '05 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
How to share a variable between browser sessions
by: Ikke | last post by:
I have to share a variable between browser sessions. One session for example changes the variable, the other sessions must see the changes (get the new value instead of the original value) it's...
PHP
3
Having two ASP.NET projects share a single Session
by: AARON PECORARO | last post by:
I need to split apart my web application into multiple projects to allow it to be distributed in parts, but all of the projects need to work together (ie. they need to share session information)....
.NET Framework
2
Using a db to share ASP session state var w/ ASP.NET page
by: VB Programmer | last post by:
I've read that you can save a session state variable created by an ASP page into a db so that the value of the session state variable can be read/used by an ASP.NET webform. Question: Let's say...
ASP.NET
3
How can i share asp session data with asp.net session data
by: far asl via DotNetMonster.com | last post by:
I have developed my site admin pages some in asp while others are in asp.net. I have problem that i cannot share session variables of both alternatively. Actually i save my userid in session...
ASP.NET
6
Share CDO Session Among Threads
by: Gary Lee | last post by:
In VB.NET using CDO, I'd like to allow multiple threads to share a single MAPI.Session object. If I declare and instantiate sessions within each thread, I'm OK (although this negates the...
Visual Basic .NET
1
Share Single Session between different .net Solutions
by: Rommellion | last post by:
We have 5 to 6 projects .net running on production, in which each one has its own virtual direstory, however we need to add up two more and link them all together so they can share same single...
.NET Framework
1
Share session between subdomains?
by: Hans Kesting | last post by:
Hi, Is it possible to share sessions between subdomains? Say: the user logs in at www.company.com, and is redirected to my.company.com. This is a different url for the same application. Can I...
ASP.NET
4
SQL Server session not working...
by: NAT | last post by:
I was using session mode as "InProc"(entered in web.config). I have deployed my ASP.NET appln. on a server which uses Load Balancer. i.e I have two servers. I am using session across pages.The...
ASP.NET
1
share session data between asp and asp.net
by: Nayana Thara | last post by:
We have a web site where we have asp and asp.net. how can we share session data b/w the two environments.
ASP / Active Server Pages
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!