Arrrgggg!!!! https!!!!

  • Thread starter Thread starter Gordon
  • Start date Start date
G

Gordon

How do i move from http to https without loosing the session?
I've just spent ages moving to a cookieless site where the sessionid is in
the url but this doesn't work either.
 
Gordon,

If the session id is in the url I think you should just be able to tack it
on at the end of the url.

I'm assuming that you are using Response.Redirect to move from http to
https.

So:

Response.Redirect("https://www.mysite.com/login.aspx?" &
Request.QueryString)

Should do the trick.

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
 
Gordon,

In that case there could be a few things going on. Is your server in a web
farm? If so the session could be lost if you are reconnecting to a different
server.

If you're using SQL server one answer could be to move the sessions over to
the sql server. Then all sessions are stored in one place. That way they
would even survive a server restart.

To do so you would first change the Web.Config file to store sessions on the
SQL server:

<sessionState
mode="SQLServer"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;
Integrated Security=SSPI"
cookieless="true"
timeout="20"
/>

Then on the web server using the Windows Command Prompt (not the .Net
command prompt):

Change to the folder of the .Net framework version you're using:
cd\WINDOWS\Microsoft.Net\Framework\[version]\

At the command prompt type the following:
OSQL -S localhost -E <InstallSqlState.sql

Security must be configured for the ASPState and tempdb databases.

This article explains the setup in full detail:

http://www.dotnetextreme.com/code/sessionsql.asp

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche
 
Back
Top