Solved

Sharing session information across two web applications

Posted on 2008-10-06
6
691 Views
Last Modified: 2012-05-05
We have two ASP.net web applications AppA and AppB under the same domain, is it possible to preserve session information from App A to App B ?  Users from AppA are redirected to AppB with information (login and other crtitical data) being transfered by query string to AppB. Now is it possible to maintain reliable distinct session for each user being transfered between the two applications ?

I noticed some user information was being mixed up with the others, is a query string not a good solution for this purpose ?
0
Comment
Question by:byte1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 20

Expert Comment

by:informaniac
ID: 22656605
You could have a look @ storing the Session in a sql server d/b.
0
 

Author Comment

by:byte1
ID: 22656612
Yes, I am aware of that option, but would using the query string transfer method not create a unique session ?
0
 
LVL 20

Expert Comment

by:informaniac
ID: 22656621
How are u sending the session information currently?

Response.Redirect("url"+SessionInfo) ?? something like this?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:byte1
ID: 22656644
yes, thats how i send information over to AppB.

What i am interested in knowing is under the same domain, is every call to AppB unique with a unique session id.
0
 
LVL 20

Expert Comment

by:informaniac
ID: 22656702
If I'm not mistaken, if u r redirecting from appa to appb then the session id should remain the same
0
 
LVL 14

Accepted Solution

by:
Ramuncikas earned 500 total points
ID: 22656845
Hello

As a matter of fact each ASP.NET application has it's own session navigating from AppA to AppB will create a new session on AppB while session on AppA will be still active. Even if SessionIDs on both applications are the same Sessions as instances are two different objects and there is no straight forward way to share info between them. If you come back to AppA from AppB before session expires on AppA you will use the same session object.

Sql Session state management is way to go, but you have to keep in mind to major cons:
 - Sql Session state management is about 30% slower then standard InProc Session state management
 - If you want to use Sql Session state management all objects stored in Session have to be serializable. That means there is no problem to store int, string and even datatable into session. But there is a problem to store custom class becuse and it should implement ISerializable interface

I would suggest you two solutions:
1. Do the same as you do now just take ALL query string, encrypt it and pass encryption result as a query string. Safer but not safe enough.
2. Use database to store/retrieve data to be passed among two applications. This might be slower then query string but safer for sure. And this will be even faster then managing Session state in Sql because Sql Session state management will query database many more times then you storing retrieving data on cross-application navigation

If you use Forms authentication in both of your applications you could also implement Single Sign-on (SSO).
http://www.codeproject.com/KB/web-security/aspnetsinglesignon.aspx
(there are many more articles, just ask google :) )
If additional info you want to have in both applications is user relevant then you could extend Users table and have that info stored/read from there.

HTH
R
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Amazon S3 .Net error 5 40
C# Windows app updating JSON file error. 9 39
Coding for the first time 9 67
Updating a single record in forEach using C#/Entity 7 25
Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question