By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
425,696 Members | 2,213 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 425,696 IT Pros & Developers. It's quick & easy.

Issues passing cookies between apps on same box

P: n/a
Hi,
I'm having issues with what I'm *sure* is a simple problem.

Basically having a problem passing a cookie between two sites.
On Site A you sign in, and create a cookie with the users ID in it
When the user wants to purchase anything (and enter CC details) we want to
pass the user to the secure site, which is on the same server.
Alas the cookie is not being picked up on the secure site.

a) Both sites are on the same box
b) Works on my development pc, but not on the DEV box (that old chestnut!)
c) The secure site isn't https - we only have the certificate on the
production site, so this isn't an https issue
d) ASP.NET 1.1 (yes, I know...) moving soon
e) After a bit of googling I've added a machnekey section (below) to
web.config, but this hasn;t changed anything - still the same issue.

<machineKey
validationKey="F6EF6C186BDB1A9630BB84301322B022D42 49CFF98407D3D67284AE441B4309F06B5A1B9D7DC37E645783 CFB7DC2C79CC297812BB968B9816EF08DFBD0D98D77"
decryptionKey="AAAD8D2655F03CC1EDE43DEF9D8BFBD4367 73295D0D78C9C"
validation="SHA1" />

If anyone has any ideas it'd be most appreciated.

I take it cookies is the way to go here? We're using forms authentication. I
do not want to pass anything in a query string! :)

Thanks
Dec 10 '07 #1
Share this Question
Share on Google+
3 Replies


P: n/a
I'm having issues with what I'm *sure* is a simple problem.
The problem is simple. The solution, maybe not.
Basically having a problem passing a cookie between two sites.
On Site A you sign in, and create a cookie with the users ID in it
When the user wants to purchase anything (and enter CC details) we want to
pass the user to the secure site, which is on the same server.
Alas the cookie is not being picked up on the secure site.
This is by design. A browser does not (and should not) give cookies from one
site to a completely different site. For example, you wouldn't want the
cookie generated by your site to be passed to, say, Google, would you?
a) Both sites are on the same box
Doesn't matter. One box can host hundreds of sites, that doesn't mean they
should share information.
b) Works on my development pc, but not on the DEV box (that old chestnut!)
That's probably because they are not really different sites on your
development pc. I bet when you run everything on your development pc that
all URLs start with http://localhost, right? If so, the browser thinks they
are all the same site. When you put it on the "DEV" box I bet the URLs are
different (e.g. http://www.mysite.com and http://secure.mysite.com or
something like that), right?
c) The secure site isn't https - we only have the certificate on the
production site, so this isn't an https issue
Right on.
d) ASP.NET 1.1 (yes, I know...) moving soon
Doesn't matter.
e) After a bit of googling I've added a machnekey section (below) to
web.config, but this hasn;t changed anything - still the same issue.

<machineKey
validationKey="F6EF6C186BDB1A9630BB84301322B022D42 49CFF98407D3D67284AE441B4309F06B5A1B9D7DC37E645783 CFB7DC2C79CC297812BB968B9816EF08DFBD0D98D77"
decryptionKey="AAAD8D2655F03CC1EDE43DEF9D8BFBD4367 73295D0D78C9C"
validation="SHA1" />
You'll still need that bit of info once you get the cookie situation worked
out.
If anyone has any ideas it'd be most appreciated.
Assuming that your problem is domain-related, this article might help:

http://brennan.offwhite.net/blog/200...ith-aspnet-20/
>
I take it cookies is the way to go here? We're using forms authentication.
I
do not want to pass anything in a query string! :)
I agree.

Dec 10 '07 #2

P: n/a
Hi Scott,

Many thanks for the reply
very helpful, especially the link..
http://brennan.offwhite.net/blog/200...ith-aspnet-20/

Alas that deals with asp.net 2.0. I'm still stuck with asp.net 1.1 until
January.
Needless to say I haven't got until Jan to fix, so I'm still looking.

Cheers
Dec 11 '07 #3

P: n/a
Hmmm, you did say that you were using 1.1. But then I was under the
impression that you were using the MS aspnet membership stuff, which comes
with 2.0, so I'm a little confused.

Regardless, I think your problem is just a cookie/domain problem. So try
manipulating that and see what you get.

Here's a sample that appears to be using 1.1:

http://groups.google.com.hk/group/mi...968cc384577926

Scott
"Andy" <An**@discussions.microsoft.comwrote in message
news:B7**********************************@microsof t.com...
Hi Scott,

Many thanks for the reply
very helpful, especially the link..
http://brennan.offwhite.net/blog/200...ith-aspnet-20/

Alas that deals with asp.net 2.0. I'm still stuck with asp.net 1.1 until
January.
Needless to say I haven't got until Jan to fix, so I'm still looking.

Cheers
Dec 11 '07 #4

This discussion thread is closed

Replies have been disabled for this discussion.