470,831 Members | 1,689 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,831 developers. It's quick & easy.

How can I transfer Session info to a different domain on same server?

Here is my situation. I'm building a web based store that will use the same
code base for every store using host headers to determine which data to
display. To prevent purchasing a SSL Cert for each domain I want to
redirect the checkout process to a different domain. I have two or three
session variables that contain sensitive data that I don't want to pass
across the address line or session cookie. Any thoughts on how I can pass
the contents of the session variable? I'm not completly opposed to a hidden
field but I haven't looked into it and wanted to find out if there is an
easy way to allow the user to go back and forth between the secure checkout
and the rest of the store while maintaining the session variables.
Apr 25 '06 #1
2 2470
- Create a unique identity value for your user - serialize yourself a GUID
or somesuch thing.
- Using a SQL Server, store your to-be-preserved values to a record in a
meta table you create for state maintenance. I.e. a table with columns "key"
and "value" in it, along with the guid, where you can use the SQL table as a
glorified hashtable.
- parameterize the URL or redirect over to the other server.
- On the other server, use the passed parameter, and look up the record in
your SQL hashtable-like database.

R.
"Bishop" <no****@nospam.com> wrote in message
news:eg**************@TK2MSFTNGP05.phx.gbl...
Here is my situation. I'm building a web based store that will use the
same code base for every store using host headers to determine which data
to display. To prevent purchasing a SSL Cert for each domain I want to
redirect the checkout process to a different domain. I have two or three
session variables that contain sensitive data that I don't want to pass
across the address line or session cookie. Any thoughts on how I can pass
the contents of the session variable? I'm not completly opposed to a
hidden field but I haven't looked into it and wanted to find out if there
is an easy way to allow the user to go back and forth between the secure
checkout and the rest of the store while maintaining the session
variables.

Apr 25 '06 #2
A hiddenfields would be the least secure method possible. Simply save the
info to a database and then call it up on the checkout section by passing a
key field using Post or Get. Cookies don't work accross domains either,
imagine if Amazon could read your Barnes and Noble cookies.

"Bishop" wrote:
Here is my situation. I'm building a web based store that will use the same
code base for every store using host headers to determine which data to
display. To prevent purchasing a SSL Cert for each domain I want to
redirect the checkout process to a different domain. I have two or three
session variables that contain sensitive data that I don't want to pass
across the address line or session cookie. Any thoughts on how I can pass
the contents of the session variable? I'm not completly opposed to a hidden
field but I haven't looked into it and wanted to find out if there is an
easy way to allow the user to go back and forth between the secure checkout
and the rest of the store while maintaining the session variables.

Apr 25 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

14 posts views Thread by Darrin J Olson | last post: by
6 posts views Thread by StephenMcC | last post: by
23 posts views Thread by barryfz | last post: by
1 post views Thread by Hans Kesting | last post: by
11 posts views Thread by Bocah Sableng | last post: by
13 posts views Thread by Samir Chouaieb | last post: by
9 posts views Thread by Josh | last post: by
reply views Thread by mihailmihai484 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.