Solved

Write Session Data to iFrame

Posted on 2011-02-25
7
536 Views
Last Modified: 2012-08-13
I have an asp page, as seen in the attached. As you can see, the page use a Session to get the Username/Password and allow access.

I'm displaying this page in an iFrame, on machines on different domains. What I'm looking to achieve is to somehow pass the Username/Password into the session within the iFrame, so that I can navigate around the site without having to go to the login page first. Currently if I try to navigate to any other page than the Login.asp, I get a 'Session Expired' error, and it redirects to the login.asp page. So, if I can somehow pass the username and password into the remote session, via the iFrame, it should allow my to login.

The site is managed by oursleves, so some changes can be made to the login.asp page attached. LOGIN.txt
0
Comment
Question by:wint100
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 15

Expert Comment

by:pateljitu
ID: 34981541
Pages where you navigate via <iframe> you could pass querystring something as example

<iframe id="some_iframe" src="someiframpage.asp?username=test&password=password"
width="100%"  height="90%" scrolling="no" frameborder="0"> </iframe>

and within iframe pages have common include file that checks if you have session created based on the querystring value passed, if not create session and logon.

As you mentioned iframe pages are loading from different domain, same session cannot be used you would need to create session value based on domain you load page from.
0
 
LVL 1

Author Comment

by:wint100
ID: 34981572
Sounds complicated, I'm trying to keep this as simple as possible.

I'm already passing querystring, with uname and pword, and also a parameter to forcelogin. This is all done on the login.asp page only though, no other asp pages have the code to work with the parameters passed. They only check to see if an active seesion exists, but I'm not sure how this is done. There are reference to include files in the other asp files, so maybe this is how it is checking the session.
0
 
LVL 15

Expert Comment

by:pateljitu
ID: 34982126
It would be helpful if you could provide example how iframe is used on page, also noticed in code login.asp

' Added to 3.33 R2's LOGIN page to allow auto-login
Dim forceLogin
if (Request("forceLogin") = "true") then
  forceLogin = 1
  Response.Cookies("SavedUserInfo")("UserName") = AdminObj.Mask(UCase(Request("UName")))
  Response.Cookies("SavedUserInfo")("UserPass") = AdminObj.Mask(UCase(Request("UPass")))
else
  forceLogin = 0
end if

querystring parameter are uname and upass, just want to clarify you using correct parameter name, as you mentioned pword as parameter in your earlier comment.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:wint100
ID: 34982149
That was just an example. The auto login works fine, and just trying to bypass te login page all together which is only possible is a valud session is active.
0
 
LVL 15

Expert Comment

by:pateljitu
ID: 34998161
Without a working sample it is a bit tricky to resolve problem.

Just to get more idea how session needs to be utilized, trying an example, please correct me

www.example.com
This domain is where login.asp resides and is working fine and able to login user and create session. Page that loads in iFrame is on the same domain i.e. www.example.com

OR

page that loads in iFrame is on another domain for e.g. www.example2.com.
0
 
LVL 1

Accepted Solution

by:
wint100 earned 0 total points
ID: 34998178
Hi,

I found a parameter on the destination page that allowed a Referer, so I was able to bypass the need for writing the session data, as it is now handled on the Page itself.

thanks
0
 
LVL 1

Author Closing Comment

by:wint100
ID: 35042518
Problem resolved
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to write a Context Sensitive Help (an online help that is obtained from a specific point in state of software to provide help with that state) ,  first we need to make the file that contains all topics, which are given exclusive IDs. …
This article describes how to create custom column layout styles for Bootstrap. The article uses 5 columns to illustrate the concept, but the principle can be extended to any number of columns.
In this tutorial viewers will learn how to embed videos in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: "<!DOCTYPE html>": Use the <video> tag to insert a video. Define the src as the URL of your video; this is similar to …
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question