rd9mz3a
asked on
Access HTTP Session Object within VB.NET application
I have an application written in VB.NET that uses the AxWebBrowser control (Microsoft Web Browser). When the application starts, the WebBrowser control navigates to a web page, say http://www.microsoft.com.
From here the application attempts to authenticate the user through the use of a web service. Here's where it gets tough. Say the user is successfully authenticated, it is possible to access the HTTP Session object of the WebBrowser control from within the VB.NET app to set various Session variables to indicate the user has been authenticated?
Thanks in advance,
Ryan
From here the application attempts to authenticate the user through the use of a web service. Here's where it gets tough. Say the user is successfully authenticated, it is possible to access the HTTP Session object of the WebBrowser control from within the VB.NET app to set various Session variables to indicate the user has been authenticated?
Thanks in advance,
Ryan
ASKER
If that is the case, it is then possible to access a cookie from within the client application. So instead of storing the authentication information inside a session variable, it is stored inside a cookie variable.
Why do you bother with ActiveX AxWebBrowser control and do not utilize dot NET Remoting?
http://dotnetdan.com/articles/misc/mbrI.htm
What exactly you want to achieve with your application?
http://dotnetdan.com/articles/misc/mbrI.htm
What exactly you want to achieve with your application?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
Answered by rdrunner
Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
TheLearnedOne
EE Cleanup Volunteer
I will leave a recommendation in the Cleanup topic area that this question is:
Answered by rdrunner
Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
TheLearnedOne
EE Cleanup Volunteer
I agree.
What you usually do when you autenticate a user it to Create a session on the SERVER and then just hand the ID of that session to the browser..(No there is no way to access the Server and manipulate that data...)
So basically the browser knows it belongs to session "2323345" but the server knows when a page is requested from browser "2323345" that that user is authenticated already.
You should never hand over these "status informations" to the client(Browser) since everything on the browser can be manipulated.
Hope this helps