Can i access session variable of one site in another(same IIS)
site1:
aaa.xxx.com
Session["name"]="balaji"
site2:
bbb.xxx.com
string name=Session["name"].ToString()
Is it possible?
ASP.NET session state enables you to store and retrieve values for a
user as the user navigates ASP.NET pages in a Web application. HTTP is
a stateless protocol. This means that a Web server treats each HTTP
request for a page as an independent request. The server retains no
knowledge of variable values that were used during previous requests.
ASP.NET session state identifies requests from the same browser during
a limited time window as a session, and provides a way to persist
variable values for the duration of that session.
source : MSDN
This can be achieved using Query String.
Call the second site URL with a query string with it. http:\\bbb.xxx.com?name=balaji
Handle the query string in the second site.
More info - How to use Query String
Related
UPDATE: After doing analysis for my original problem which is listed in the second section i found the issue could be due to 304 response below is the detailed explanation.
I have developed a web application where users clicks on the link and its takes him to servlet where i set few session variables and then forward it to jsp. First time when i access the application things work fine after closing browser and then opening browser and accessing application i get null pointer exception in jsp because it is trying to access session data the reason it i am getting 304 response for the servlet , so this means that servlet is not invoked and my jsp are getting called ? since servlet is not called session values are not set .
Is my understanding correct?
I am observing this only in IE9
--------------------- My original question is below --------
We have integrated Siteminder in our application , I have observed that siteminder cookie SM session is created for different domain where as my application specific cookie is created for proper domain.
For every request i see new smsession value but my application cookie remains same , even though the cookie remains same the values which I set in session using servlet are not available in my jsp.
I have printed the jsession id, the jsession id is same for all request.
Below is the flow.
User hits a URL siteminder intercepts it and asks for credentials once user successfully logs in he is redirected to servlet where i set few values in Session then i dispatch the control to index.html which has two frames . I am loading two jsp for these frames and in these jsps i am trying to access the session values which i am unable to get .
I am observing this behaviour only in IE9 but IE8 behaves correctly,
First time access works fine second time does not in IE9
Can anybody let me know if change in smsesson incurs changes in httpsession for java app ? i don't think so as Jsession id remains the same.
What could be possible reason for this.
Have you checked if the jsps being called in the frames has the same session id as the one in the servlet?
To give you background on SMSESSION and JSESSION:-
The SMESSION id cookie keeps getting changed by the web agent periodically and is usually tagged to the base domain. Example - If the application is hosted at a.b.com - the JSession ID will typically be set to the domain a.b.com and the SMSESSION will be set to the b.com domain. This is the default Siteminder behaviour since it assumes that all applications in the b.com domain need the cookie for SSO. You can change this using the ACO for the agent by either setting the domain name explicitly or setting the scope of the domain that needs to be used.
Unless your application has logic which depends on the value of the SMSESSION id and modifies the java session, the JSessionID cookie is not impacted by the change in the value of SMSESSION
After doing analysis i found that it was 304 response for the servlet which was causing issue. When application was accessed first time there was no issue but next since when i try to run the application it would result into issue because browser would have cached responses , hence server would send 304 response because of this servlet would not be called and session would not be set .
No duplicate of “Server.Transfer from ASP to ASP.Net” ;-)
On an IIS web server (running Classic ASP), I have a local URL that a user is remotely redirected to. Presumably, this call is made with data in the query string or transmitted through POST data. When this request is made, I need to remove this data (especially the query string) server-side, so none will be visible to the client.
For example, the user is led to http://example.com/dir/?data=payload. This is what requested, and this is what the user’s browser will display. Now I need the request resource to strip QueryString and Form data, so that the user ends up in e.g. http://example.com/dir/.
On MSDN, they have HttpServerUtility.Transfer, which adds a boolean to the classic Server.Transfer method allowing to preserve or clear data. However, when I try this in an aspx file transfering to an asp file, I get a 0x80004005 HTTP exception (“No http handler was found for request type 'GET'”).
Is it possible at all to “redirect” from an ASP.NET file to a Classic one?
Is there another, better way to remove request data server-side?
My options would be:
Use a redirect on the page without querystrings: Response.Redirect() This will clear post data as well.
Do a HTTP Request to scrape the HTML of the other page, and view it in your current page.
I would probably do option #1
What is the difference between "Request" and "Response" terminologies in ASP.net?
I am using ASP.net 3.5.
Suppose I have to make somebody understand about these terms. What should i say ?
The Request is what a web client sends to the web server. The Response is what the web server sends - well, in response. Both are defined in the HTTP specification. (How they are structured, what information and meta data they include, etc.)
ASP.Net encapsulates these concepts in respective classes to make them programmatically accessible.
Edit: Specific examples as requested in the comments:
Request.QueryString
If you have a URL like the following:
http://www.host.com/Page.aspx?name=Henry&lastName=Ford
The part after the ? is the query string. (name=Henry&lastName=Ford <= The query string)
This is one common way to pass arguments to the server as part of the Request. In your server code you can access these arguments by using Request.QueryString:
string name = Request.QueryString["name"];
string lastName = Request.QueryString["lastName"];
Response.Redirect
Your server received a Request for a page and you want to redirect to another location. With the Response.Redirect() method, you add a specific piece of information to the Response that causes the browser to immediately go to this other page.
// This tells the browser to load google
Response.Redirect("http://www.google.com");
There is a IIS (Internet Information Services) Server.. In ASP.Net, you can Request for data from the server, and what the server sends you is a Response
Pls Help me, In my application I am storing some values in session. When I host the application in the server and store the session values in a page and redirect to another site and returning back to the domain I am unable to retrive the session values, but If I do the same in local host server, I am getting all the session values back, can anybody explain me the reason...???? I have set session mode as Inproc..
ASP.NET session (by default) is cookie based - so you need to check two things:
If session cookie with original request is being send with the next request to your domain (this will need domain name to be same for both requests)
Whether session is getting timed out at server end
H
Regarding this URL
http://www.codeproject.com/KB/aspnet/FlashUpload.aspx
User.Identity as System.Web.Security.FormsIdentity is always null, because the Identity is GenericIdentity, I assumed it will be as in the tutorial FormsIdentity, what is chances.
Thanks
Rather than Casting to FormsAuthentication, Simply get the cookie .ASPXAUTH (or the name specified in the web.config) and send it to flash and then let flash put it as a POST variable while uploading, then Read Request.Forms[POSTVariable] and create the FormsAuthenticationTickt as illustrated by the tutorial in the question.
This is the problem with Flash, and it has nothing to do with your server side code and here is why.
When Flash makes web service calls, http service calls to the same domain it came from, it regains cookies and in turn the each calls are made within your session (ASP.NET Session), but when you upload something flash does not send cookie (A bug reported to adobe with no response till date).
This is the reason FormsIdentity is null, because ASP.NET Server needs cookie in order to assign FormsIdentity to properly authenticated user request.
Thats why when you upload, you will never get the session, the work around this is, we pass a custom authentication hash in querystring that we can validate on the server side.