I don't think you can do that.
Or at best, its more drama then its worth.
My approach would be:
generate a guid (System.Guid.NewGuid().ToString() )
Keep a table that maps this guid to a user.
Have a special page that handles these guid inputs.
www.myapp.com/EntryPoint/GuidTaker.aspx
When sending them a URL, do this
http://www.myapp.com/EntryPoint/Guid...eeeaaabbbcccdd
deee
Read the database, find the user, set their credentails, redirect them.
You might even have:
http://www.myapp.com/EntryPoint/Guid...=aaabbbcccddde
eeaaabbbcccdddeee
Where you have a few pages (like "aboutus" and it takes you to
"aboutus.aspx" or something like that).
Between the crossbrowser issue. And the fact that SessionID (I think) are
abandoned.....I don't think your approach is a good one.
You can add some logic to GuidTaker.aspx to track subsequent tries, if
they're trying an attack.
If security is an issue, then you can use 2 guids.
http://www.myapp.com/EntryPoint/Guid...eeeaaabbbcccdd
deee&checkuuid=eeefffeeeaaadddeeeecccdddeeebbbaaa& page=aboutus
The liklihood of guessing 2 guid's has to be out the roof.
You'll have to cleanup the table where you store the guid's and the userid
once in a while.
But this way, you can give the same user different entry points
"Nanker" <na****@sacbeemail.comwrote in message
news:11**********************@b28g2000cwb.googlegr oups.com...
Our existing ASP.NET web application does store a session ID in the
cookies (ASP.Net_SessionID) for a logged in user. A new requirement has
been stated that we need to be able to send a customer an email with a
link to a specific page in the application, and if the user clicks on
the email link while they are logged in to the application, they will
be taken to that page in the application without having to log in.
Given this:
- Is this possible to read the session ID from the cookie for the
active login and reuse it for this other request?
- Is it possible to do this within the specific browser with which they
are already logged in or will a separate browser have to be created?
I've been trying to read up on the best overall approach to this
problem, and I thought that asking here would provide good feedback.
Your response is appreciated.
Thanks in advance