Solved

Maintain session between domains

Posted on 2006-07-03
12
697 Views
Last Modified: 2012-05-05
Hi Experts

I'm trying to maintain a session between two different domains (one SSL) without filling the address bar with session info. Can anyone point me in the right direction?

Play.com seem to manage it:
http://www.play.com/HOME/HOME/NAVMAIN/5-/Home.html
https://www.playsecureserver1.com/Order.asp



Thanks Paul
0
Comment
Question by:chiii0ut
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
12 Comments
 
LVL 19

Expert Comment

by:DreamMaster
ID: 17031169
How about using a component for it?

http://www.groat.com/sessionfarm/implement.asp

That seems to work.

Regards,
Max.
0
 
LVL 1

Expert Comment

by:jh71283
ID: 17036638
Are the 2 domains hosted on the same server / do they share a database?

I think that is how play.com do it - a shared database.

I think it is more for show than anything else - Joe public will be more impressed... "Ohoh Play must be a very secure system.... look.... playsecureserver1.com"

Whereas us techies know that that is unnecessary.
0
 
LVL 3

Author Comment

by:chiii0ut
ID: 17036943
Hi DreamMaster  - I'd like to check out the options available before looking at an addin but thanks anyway

jh71283 -

Both domains are on ns1.dotnetted.com. The SQL database is available from either domain via dsnless connection

Dotnetted has said that the common ways of maintaining sesssion info are:
post the information from one page to the other via a form (or query string) or to save that info to your database, move to the other 'site' and then retrieve the info back from the database.

They also have a page dedicated to session state:
http://www.dotnetted.co.uk/support/dotnetted/net_session_state.asp

It's new to me and I was hoping someone could pick the bones out of what's available and post a bit of sample code in here?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Expert Comment

by:jh71283
ID: 17037244
Will your users have a login portal? If so, this will make it easier for this task.
0
 
LVL 1

Expert Comment

by:jh71283
ID: 17037269
or, is it acceptable for you to have a guid passed in the querystring?

This all depends on your reasons for not using querystrings in the first place, eg if it is to look neat, or so that sensitive info is not visible iin the address bar...
0
 
LVL 1

Expert Comment

by:jh71283
ID: 17252827
I assumed the issued was resolved, as there was no response to my queries.
0
 
LVL 19

Expert Comment

by:DreamMaster
ID: 17254895
It would at least not have hurt for chii0ut to have come back to the question and ask for more help if our suggestions had not helped at all.

Regards,
Max.
0
 
LVL 3

Author Comment

by:chiii0ut
ID: 17255413
Yes - very sorry about that :(

This is where the site is at the moment:
http://chilcouk.spike.dotnetted.co.uk/PS2_Games.aspx

It's on temporary space until it's ready to move the domain over.

If you click on the login tab, it takes you to a temporary ssl folder which to be honest I'm not sure if it's just a subfolder or a virtual directory - I've emailed the isp and will post their comments if this thread is kept open.

0
 
LVL 3

Author Comment

by:chiii0ut
ID: 17255677

The hosting co replied:

"As you're using shared SSL the ssl enabled URL will be under a different domain to the rest of your site and session state will be lost - there's further information on this here : http://www.dotnetted.co.uk/support/dotnetted/ssl_shared_cert.asp  "

"Whereas a full cert would work fine - you could swap between http://www.chilloutgames.co.uk and https://www.chilloutgames.co.uk without losing session information."



0
 

Accepted Solution

by:
ee_ai_construct earned 0 total points
ID: 17389806
PAQ / Refund
ee ai construct, community support moderator
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses the ASP.NET AJAX ModalPopupExtender control. In this article we will show how to use the ModalPopupExtender control, how to display/show/call the ASP.NET AJAX ModalPopupExtender control from javascript, how to show/display/cal…
Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question