Session Variables

<rogueripper>

Hi there!

Scenario:
I have 5 client machines running an ASP System inside an hta. (controlled environment)
All 5 client machines has Windows 2000 pro installed and IE 6 as the Web browser.

Whenever the clients logs onto the ASP System, their "user_id" gets stored into a session variable.

e.g:

Session("User_ID") = rst("User_ID")

Problem:
4 of the 5 machines actualy recocnizes the Session variable.
The other machine does not even pick it up! (i check for it inside a popup window)

I opened IE6, set the Security settings for Internet, Intranet and Trusted Sites to the lowest possible settings- enabling all, anonymous loggon, accept all cookies, refresh at every visit etc.

Again- 4 out of 5 machines this is working perfectly, it is just one machine (with the exact same IE security settings) that does not recocnize the Session variable.

I tested the ASP System inside the IE 6 browser (without using hta) and then the Session variable is recocnized, it is only as soon as the hta is running that it loses the Session variable.

Any specific securities I need to change for the hta, if so how do I go about doing that?

(o: aaargh! I am pulling out hair! :o)

Thanx in advance for anybody with a sollution! :o)

</rogueripper>
rogueripperAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ap_sajithCommented:
from a posting in the web..

 After you install security patch MS01-055 for Microsoft Internet Explorer
 5.5 or 6.0, you may encounter the following problems:
 Session variables are lost.
 Session state is not maintained between requests.
 Cookies are not set on the client system.

NOTE: These problems can also occur after you install a more recent patch  that includes the fix that is provided in security patch MS01-055.

CAUSE
Security patch MS01-055 prevents servers with improper name syntax from  setting cookies names. Domains that use cookies must use only alphanumeric  characters ("-" or ".") in the domain name and the server name. Internet  Explorer blocks cookies from a server if the server name contains other  characters, such as an underscore character ("_").
If you have an underscore in your domain name, if you are using frames,  cookies wont work in IE6 for these cases.
 
Because ASP session state and session variables rely on cookies to function,  ASP cannot maintain session state between requests if cookies cannot be set  on the client.

RESOLUTION
To work around this problem, use one of the following methods:
Rename the domain name and the server name, and use only alphanumeric  characters.
Browse to the server by using the Internet Protocol (IP) address rather than  the domain/server name.

NOTE: You may need to change the Microsoft Internet Information Server (IIS)  configuration after you rename a server

Hope this helps...
Cheers!!

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ap_sajithCommented:
more.... here is the complete article about my first post...

http://www.iisfaq.com/default.aspx?View=A508&P=1

Cheers!!
rogueripperAuthor Commented:
<rogueripper>

Hi there ap_sajith!

Your answer is 100% correct! I lose my Session Variables because of the Windows update patches. <grrrrrr>

The reason is for security issues.

I did discover a workaround though:

I create a shortcut with the following line:

"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -k "http://myserver/default.asp"

Where -k = kiosk mode :o)

This works 100%

Thanx again for your speedy response!

</rogueripper>
ap_sajithCommented:
Glad to have helped ... And tell you what.. I've learned something new too.. ;o)

Cheers!!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP

From novice to tech pro — start learning today.