Access HTTP Session Object within VB.NET application

I have an application written in VB.NET that uses the AxWebBrowser control (Microsoft Web Browser). When the application starts, the WebBrowser control navigates to a web page, say http://www.microsoft.com.

From here the application attempts to authenticate the user through the use of a web service. Here's where it gets tough. Say the user is successfully authenticated, it is possible to access the HTTP Session object of the WebBrowser control from within the VB.NET app to set various Session variables to indicate the user has been authenticated?

Thanks in advance,

Ryan
rd9mz3aAsked:
Who is Participating?
 
rdrunnerConnect With a Mentor Commented:
The cookie will only store the Information of the session ID

So you wont be able to extract the information out of it...

It will only contain a Session.ID value... So the contens of the Cookie will be "useless" after the session expired

Basically authentication SHOULD work like this

Server
   Y   Sends Password page
   Y   Sends back cookie with the Session ID
Client
   Y   Password / User *
Server  - Checks if Valid / Stores the result in a Session Variable
   Y   Sends back a page
Client
   Y   Will request futher pages and sends cookie with each request

When i write Web apps you wont even see the Username of the logged in Person anywhere on the client... (Including cookies)

Lemme get a small example code to show you how to access the headder of a request ...

0
 
rdrunnerCommented:
I think MS would not be "that dumb"

What you usually do when you autenticate a user it to Create a  session on the SERVER and then just hand the ID of that session to the browser..(No there is no way to access the Server and manipulate that data...)

So basically the browser knows it belongs to session "2323345" but the server knows when a page is requested from browser "2323345" that that user is authenticated already.

You should never hand over these "status informations" to the client(Browser) since everything on the browser can be manipulated.

Hope this helps
0
 
rd9mz3aAuthor Commented:
If that is the case, it is then possible to access a cookie from within the client application. So instead of storing the authentication information inside a session variable, it is stored inside a cookie variable.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
Zlatin ZlatevTechnical ArchitectCommented:
Why do you bother with ActiveX AxWebBrowser control and do not utilize dot NET Remoting?
http://dotnetdan.com/articles/misc/mbrI.htm

What exactly you want to achieve with your application?
0
 
Bob LearnedCommented:
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:

Answered by rdrunner

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

TheLearnedOne
EE Cleanup Volunteer
0
 
Zlatin ZlatevTechnical ArchitectCommented:
I agree.
0
All Courses

From novice to tech pro — start learning today.