Access HTTP Session Object within VB.NET application

Posted on 2003-03-29
Medium Priority
Last Modified: 2008-01-09
I have an application written in VB.NET that uses the AxWebBrowser control (Microsoft Web Browser). When the application starts, the WebBrowser control navigates to a web page, say http://www.microsoft.com.

From here the application attempts to authenticate the user through the use of a web service. Here's where it gets tough. Say the user is successfully authenticated, it is possible to access the HTTP Session object of the WebBrowser control from within the VB.NET app to set various Session variables to indicate the user has been authenticated?

Thanks in advance,

Question by:rd9mz3a
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 11

Expert Comment

ID: 8237673
I think MS would not be "that dumb"

What you usually do when you autenticate a user it to Create a  session on the SERVER and then just hand the ID of that session to the browser..(No there is no way to access the Server and manipulate that data...)

So basically the browser knows it belongs to session "2323345" but the server knows when a page is requested from browser "2323345" that that user is authenticated already.

You should never hand over these "status informations" to the client(Browser) since everything on the browser can be manipulated.

Hope this helps

Author Comment

ID: 8237920
If that is the case, it is then possible to access a cookie from within the client application. So instead of storing the authentication information inside a session variable, it is stored inside a cookie variable.

Expert Comment

by:Zlatin Zlatev
ID: 8238543
Why do you bother with ActiveX AxWebBrowser control and do not utilize dot NET Remoting?

What exactly you want to achieve with your application?
Create CentOS 7 Newton Packstack Running Keystone

A bug was filed against RDO for the installation of Keystone v3. This guide is designed to walk you through the configuration for using Keystone v3 with Packstack. You will accomplish this using various repos and the Answers file.

LVL 11

Accepted Solution

rdrunner earned 2000 total points
ID: 8238559
The cookie will only store the Information of the session ID

So you wont be able to extract the information out of it...

It will only contain a Session.ID value... So the contens of the Cookie will be "useless" after the session expired

Basically authentication SHOULD work like this

   Y   Sends Password page
   Y   Sends back cookie with the Session ID
   Y   Password / User *
Server  - Checks if Valid / Stores the result in a Session Variable
   Y   Sends back a page
   Y   Will request futher pages and sends cookie with each request

When i write Web apps you wont even see the Username of the logged in Person anywhere on the client... (Including cookies)

Lemme get a small example code to show you how to access the headder of a request ...

LVL 96

Expert Comment

by:Bob Learned
ID: 9725663
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:

Answered by rdrunner

Please leave any comments here within the next seven days.


EE Cleanup Volunteer

Expert Comment

by:Zlatin Zlatev
ID: 9728870
I agree.

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A basic question.. “What is the Garbage Collector?” The usual answer given back: “Garbage collector is a background thread run by the CLR for freeing up the memory space used by the objects which are no longer used by the program.” I wondered …
For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question