session state and virtual directories

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • pleaseHelp
    #1

    session state and virtual directories

    To better manage our secure site we just separated the registration and
    checkout sections of our web into separate virtual directories. These new
    virtual directories are on the same server as the primary eCommerce website.
    This is an ASP site (not asp.net). When this version goes into production it
    will be on a 2003 server (IIS 6) with a SQL Server backend (located on a
    different server).

    Now when the main server passes control to one of the new virtual webs the
    session information is lost. I'm having problems finding information on the
    web as to how to maintain this information between the web and virtual
    directories. It's imperative that this information remain secure so query
    strings or anything that would pass visible data is not an option.

    If you would either direct me to a source of information or give me some
    idea how you have handled this problem, I would be most appreciative.

    Thank you for your time and help.


    Tags: None
    • Mark
      #2
      Re: session state and virtual directories

      if you right click on the virtual directories and click properties you can
      remove the specific application and give it the same application scope as
      the whole site. this will invariably give you the same session state.
      Mark


      "pleaseHelp " <woody@rohland. org> wrote in message
      news:en8x94rXEH A.2364@TK2MSFTN GP12.phx.gbl...[color=blue]
      > To better manage our secure site we just separated the registration and
      > checkout sections of our web into separate virtual directories. These new
      > virtual directories are on the same server as the primary eCommerce[/color]
      website.[color=blue]
      > This is an ASP site (not asp.net). When this version goes into production[/color]
      it[color=blue]
      > will be on a 2003 server (IIS 6) with a SQL Server backend (located on a
      > different server).
      >
      > Now when the main server passes control to one of the new virtual webs the
      > session information is lost. I'm having problems finding information on[/color]
      the[color=blue]
      > web as to how to maintain this information between the web and virtual
      > directories. It's imperative that this information remain secure so query
      > strings or anything that would pass visible data is not an option.
      >
      > If you would either direct me to a source of information or give me some
      > idea how you have handled this problem, I would be most appreciative.
      >
      > Thank you for your time and help.
      >
      >[/color]


        Comment

        • pleaseHelp
          #3
          Re: session state and virtual directories

          Thank you for the information but I'm not sure that I totally understand. In
          properties of the virtual directory, I deleted the application name. I'm not
          sure what you mean by "give it the same application scope as the whole
          site". Does that mean the same application name?

          I did give it the same application name but when I proceed to the checkout
          section, I now have a new session id (different from the one in the primary
          web) and when I try to access one of the session variables I get object
          required: "[undefined]".

          More help would be greatly appreciated.


          "Mark" <no-mkg6071-spam@nospam.rit .edu> wrote in message
          news:e%23jUH$rX EHA.2840@TK2MSF TNGP11.phx.gbl. ..[color=blue]
          > if you right click on the virtual directories and click properties you[/color]
          can[color=blue]
          > remove the specific application and give it the same application scope as
          > the whole site. this will invariably give you the same session state.
          > Mark
          >
          >
          > "pleaseHelp " <woody@rohland. org> wrote in message
          > news:en8x94rXEH A.2364@TK2MSFTN GP12.phx.gbl...[color=green]
          > > To better manage our secure site we just separated the registration and
          > > checkout sections of our web into separate virtual directories. These[/color][/color]
          new[color=blue][color=green]
          > > virtual directories are on the same server as the primary eCommerce[/color]
          > website.[color=green]
          > > This is an ASP site (not asp.net). When this version goes into[/color][/color]
          production[color=blue]
          > it[color=green]
          > > will be on a 2003 server (IIS 6) with a SQL Server backend (located on a
          > > different server).
          > >
          > > Now when the main server passes control to one of the new virtual webs[/color][/color]
          the[color=blue][color=green]
          > > session information is lost. I'm having problems finding information on[/color]
          > the[color=green]
          > > web as to how to maintain this information between the web and virtual
          > > directories. It's imperative that this information remain secure so[/color][/color]
          query[color=blue][color=green]
          > > strings or anything that would pass visible data is not an option.
          > >
          > > If you would either direct me to a source of information or give me some
          > > idea how you have handled this problem, I would be most appreciative.
          > >
          > > Thank you for your time and help.
          > >
          > >[/color]
          >
          >[/color]


            Comment

            • Jeff Dillon
              #4
              Re: session state and virtual directories

              I don't think the idea suggested will work. You'll have to store/persist the
              session info in a database, and pass a lookup key between pages (hidden form
              variable, querystring, etc).

              When ever you cross virtual directory boundries in standard ASP, you will
              lose session info. .NET has some solutions for this.

              Jeff

              "pleaseHelp " <woody@rohland. org> wrote in message
              news:#2CX6xsXEH A.3016@tk2msftn gp13.phx.gbl...[color=blue]
              > Thank you for the information but I'm not sure that I totally understand.[/color]
              In[color=blue]
              > properties of the virtual directory, I deleted the application name. I'm[/color]
              not[color=blue]
              > sure what you mean by "give it the same application scope as the whole
              > site". Does that mean the same application name?
              >
              > I did give it the same application name but when I proceed to the checkout
              > section, I now have a new session id (different from the one in the[/color]
              primary[color=blue]
              > web) and when I try to access one of the session variables I get object
              > required: "[undefined]".
              >
              > More help would be greatly appreciated.
              >
              >
              > "Mark" <no-mkg6071-spam@nospam.rit .edu> wrote in message
              > news:e%23jUH$rX EHA.2840@TK2MSF TNGP11.phx.gbl. ..[color=green]
              > > if you right click on the virtual directories and click properties you[/color]
              > can[color=green]
              > > remove the specific application and give it the same application scope[/color][/color]
              as[color=blue][color=green]
              > > the whole site. this will invariably give you the same session state.
              > > Mark
              > >
              > >
              > > "pleaseHelp " <woody@rohland. org> wrote in message
              > > news:en8x94rXEH A.2364@TK2MSFTN GP12.phx.gbl...[color=darkred]
              > > > To better manage our secure site we just separated the registration[/color][/color][/color]
              and[color=blue][color=green][color=darkred]
              > > > checkout sections of our web into separate virtual directories. These[/color][/color]
              > new[color=green][color=darkred]
              > > > virtual directories are on the same server as the primary eCommerce[/color]
              > > website.[color=darkred]
              > > > This is an ASP site (not asp.net). When this version goes into[/color][/color]
              > production[color=green]
              > > it[color=darkred]
              > > > will be on a 2003 server (IIS 6) with a SQL Server backend (located on[/color][/color][/color]
              a[color=blue][color=green][color=darkred]
              > > > different server).
              > > >
              > > > Now when the main server passes control to one of the new virtual webs[/color][/color]
              > the[color=green][color=darkred]
              > > > session information is lost. I'm having problems finding information[/color][/color][/color]
              on[color=blue][color=green]
              > > the[color=darkred]
              > > > web as to how to maintain this information between the web and virtual
              > > > directories. It's imperative that this information remain secure so[/color][/color]
              > query[color=green][color=darkred]
              > > > strings or anything that would pass visible data is not an option.
              > > >
              > > > If you would either direct me to a source of information or give me[/color][/color][/color]
              some[color=blue][color=green][color=darkred]
              > > > idea how you have handled this problem, I would be most appreciative.
              > > >
              > > > Thank you for your time and help.
              > > >
              > > >[/color]
              > >
              > >[/color]
              >
              >[/color]


                Comment

                Previous template Next
                Working...