?
Solved

Sharing Session State Between ASP.NET and JSP

Posted on 2008-02-11
5
Medium Priority
?
2,125 Views
Last Modified: 2012-05-05
We have 60 odd applications, both in asp.net and JSP , now we are planning to bring all this under one single . COuld any one tell me how to handle sessions (common) across these applications

I want a login page to be common for these applications and session created on login page should be shared across applications .
0
Comment
Question by:P_Ramprathap
5 Comments
 
LVL 56

Expert Comment

by:Ryan Chong
ID: 20873510
sessions are not able to share among different scripting languages, perhaps you can try use a middle storage media, like a database, so that both scripting languages can "talk" with each other.
0
 
LVL 56

Expert Comment

by:Ryan Chong
ID: 20873515
or :

develop a crypto algorithm, that can be use and exchange data between these 2 scripting languages, but then you will need develop this crypto algorithm on both sides.
0
 
LVL 26

Expert Comment

by:Tomas Helgi Johannsson
ID: 20875613
   Hi!

As ryancys says then Sessions and Session variables are bound to the particular
scripting languages/environment and are non-transferable between those env.
You could do it by using a db as ryancys suggested or use the Http-Request/Response  header attribute to transfer data between different scripting env.
http://www.java2s.com/Code/Java/JSP/Request.htm
http://www.java2s.com/Code/Java/JSP/Printtherequestheadersandthesessionattributes.htm

Regards,
   Tomas Helgi
0
 
LVL 27

Accepted Solution

by:
mrcoffee365 earned 375 total points
ID: 20875676
ryancys is right, sessions can't be shared.  However, if you create a common login, in LDAP or your own login db, both application servers can access the login information in the same db.  Look at these resources for setting up a single login for many apps:

IIS and LDAP (through Active Directory):
http://www.dotnetactivedirectory.com/Accessing%20LDAP%20Active%20Directory%20from%20C%20Sharp%20or%20VB%20.NET%20Code.html

Example of JSP integration with an LDAP server:
http://www.jspwiki.org/wiki/ActiveDirectoryIntegration

And a commercial product for managing single signon:
http://www.cafesoft.com/news/2003/cams-iis-web-agent-ships.html

You don't have to develop an encryption algorithm, and you shouldn't.  You can encrypt session information and offer it from either app server (Tomcat or IIS) upon request from the other server.  Or don't encrypt it, but only offer it via https from an authenticated user, which would be the other appserver.  SSL is enough encryption.   If you don't use SSL for encryption, look into these options:
http://www.bouncycastle.org/
http://www.devbistro.com/articles/Java/Password-Encryption

So I would separate the single login problem from the problem of the rest of the session information, because there are good solutions to login, and many different ways of handling sharing private information among app servers.

In fact, I agree with ryancys's first suggestion about using a database to share session information -- except for login, which should be in LDAP.
0
 
LVL 5

Author Comment

by:P_Ramprathap
ID: 20892066
Thanks for the help.It really helped me lot . Trying to implement the same in our enviornment .Thanks again
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If I have to fix slow responding website my first thoughts are server side optimizations: the database may not be optimized or caching is not enabled, or things like that. We often overlook another major part of our web application: the client. We o…
Without even knowing it, most of us are using web applications on a daily basis.  In fact, Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We generally confuse these web applications to…
This video teaches viewers how to create their own website using cPanel and Wordpress. Tutorial walks users through how to set up their own domain name from tools like Domain Registrar, Hosting Account, and Wordpress. More specifically, the order in…
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…
Suggested Courses
Course of the Month5 days, 20 hours left to enroll

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question