HTTPS -> HTTP Lost Session

if a URL is
https://www.mysite.com/mypage.asp

clients are redirected to
http://www.mysite.com/mypage.asp

This works fine for all but 1 client. He looses a session during the
redirect. Apparently his browser interprets https:// and http:// as
different domains.

View Replies


ADVERTISEMENT

Lost Session Variables Gets Lost

I have a website that has a asp secured members only aria that keeps session variables to check if someone is logged in or not (if session variables are not there then redirect to logon screen) but I also have non members aria and I need a way of asking the user if they want to move away from the members only area or go back to it. I have used an asp to find out if the page is a non member page and if there is a session variable there.

If there is a session variable and is a non member page then I use JavaScript to bring up a confirm box that if the cancel button is pressed then it goes back a page. The problem is that when you go back a page the session variable gets lost. Dose anyone know how to solve this problem or a better way of doing this?

View Replies View Related

Http Or Https

I'm trying to detect if the user is utilizing HTTP or HTTPS in the address
bar. The following code responds true regardless of whether I use HTTP or HTTPS.
What should I be using? In the end, if the user types in HTTP, I will
redirect them to HTTPS.

<%
If Request.Servervariables("https") <> "" Then
Response.Write "this is https...OK!!!"
End If
%>

View Replies View Related

HTTP And HTTPS

I have a site that requires a checkout process. THe checkout process occurs in the secure server. I need to pass session variables from one server to the next.

View Replies View Related

How To Handle Http And Https

I've integrated a secure certificate into my e-commerce site. However, when I forward people to the account log-in area (https) all of the relative links on the page obviously then point to http://www.mydomain/homepage for example.

How do I do what Dabs do, and redirect these links back to non-secure pages, without hard-coding all links as full URLs?

View Replies View Related

Switching Between HTTP And HTTPS

I wish to have a web site that has most of the pages as normal HTTP pages
but has some areas that use HTTPS. I want to have it that if a user selects
a link to a HTTPS page that they go there an there Session Information is
kept. I also wish to have the pages switch automatically to HTTPS if a
visitor types the URL without the HTTPS. So my questions are:
1) How to redirect to a Secure Page without losing Session Info?
2) How to test if page is accessed by HTTPS, and if not switch to HTTPS
quickly?

I think something like this code is what I want but how do I do it.

<%
if not "HTTPS" then
response.redirect(https://mysite.com/securepage.asp)
end if
%>

View Replies View Related

HTTP To HTTPS Redirect

I am using the following code in my default.asp page to redirect the page
from HTTP to HTTPS

<%

if Request.ServerVariables("HTTPS") = "off" Then

Response.Redirect("https://" & Request.ServerVariables("HTTP_HOST") &
Request.ServerVariables("URL"))

End if
%>

I got the code off of a website and found that many web sites had similar
code for doing the same thing. The problem I am having is that the code
will not redirect to the HTTPS and will keep reloading the page. Is there a
setup issue with IIS that I might be missing?

View Replies View Related

Code Works On IE Https But Not Http?

Just to explain what's going on briefly... I've added an include to the top of all files on our site (this code is pasted below) to check IP address, and then some pages will display slightly different content for our Canadian or US customers.

This works fine in Firefox. However, in IE, when a Canadian visitor comes it doesn't display canadian content on the http version of any page. Once they go to a https page, it works just fine. After that, if they go back to an http page it still displays properly. Code:

View Replies View Related

Lost Session

my site apears to be loosing its session variable because it uses dynamically created absolute links. but because the user could have entered the site using any of 4 domains the links might change the domain.

So the user sees no difference but the cart has lost its session. firstly, is this possible? Secondly can I determin the url used to find the site and use that in the dynamic links?

View Replies View Related

Session Lost

I allways loose the Sessionvariables in my asp-pages (I'm using IIS5.0 with
Visual Interdev 6.0).

For Example: when i create a startpage.asp, and type > Session("PersonalNr")
= 456 < he cant remember this value on another page.

when i query this value (for example in endpage.asp):

Response.Write(Session(("PersonalNr")), i get the value 0, because the
session will be restarted (The function "Session_OnStart" will be called
again in the global.asa file)

Does anyone know why ?

View Replies View Related

Session Variables Are Lost

I have a problem with my asp code on an iis 6.0 server on windows 2003
web. When I redirect between to asp pages on my web-site, where pageA is
in a different virtual directory from pageB the session variables value
a lost. I know that it is the session ID there increases. (New session).

If I make the same call in the same virtual directory the session
variables is not lost. Is it some thing about different application
pools? If sow, how can I join two or more application pools regarding
to session variables? If not is there a none coding work around.

View Replies View Related

Session Lost Across Page

What could the likely cause of a session value being lost when one navigates
to another page and attempts to write that session out:

Page 1

session("u_name") = oRS.fields("u_name")

Navigate to Page 2

Response.write Session("u_name")

....."_name" seems to be empty on Page 2.

What am I doing wrong here?

View Replies View Related

ASP Session Lost In IFRAME?

I have a project in which I'm trying to embed one site, that uses
session stored variables, inside an IFRAME in another site (which for
that matter doesn't even use sessions).

Problem is, that it doesn't always save the session. When I try to
access it from some computers, I have no problem, the session variable
is stored and I can browse the site in the IFRAME and everything's ok,
but on other computers, the session variable value simply disappears.

To simulate the situation, assume that the two following html trees are
the site that goes into the IFRAME: Code:

View Replies View Related

Session Variable Lost

currently i working on project in asp, i done everything in my own company server and eveyrthing works fine, when i migrate to customer place server, eveyrthing also working fine, but the only thing doesnt work is session variable, i totally cant get my session variable in the customer place's server. Server in my company and my client is the same, window 2003 server, iis 6.

View Replies View Related

Catch Lost Session

Is there any way in ASP to catch a destroyed session when the user closes their window.

Example.

When a user enters a page, I create a session - Session("blah")="blah" . However when the window is closed, the session is destroyed, but before it's being destroyed, I want to some things.

View Replies View Related

Session Lost In Iframe

I have an mypage.asp page with a button, one can access this page only

if
Session("smth") = 1.
There is also an empty iframe in this page (src is not specified).
When I click the button I will fill the iframe with a page (src =
'another.asp').

For security reasons I check the login session in another.asp and
Session("smth") is empty no matter I have logged before.

In mypage.asp Session("smth") is still on and its value is 1 but it
looks like it gets lost in the iframe.

Any idea why and how to fix this issue?

View Replies View Related

Session State Information Lost

To better manage our secure site we just separated the registration and
checkout sections of our web into separate virtual directories. These new
virtual directories are on the same server as the primary eCommerce website.
This is an ASP site (not asp.net). When this version goes into production it
will be on a 2003 server (IIS 6) with a SQL Server backend (located on a
different server).
Now when the main server passes control to one of the new virtual webs the
session information is lost. I'm having problems finding information on the
web as to how to maintain this information between the web and virtual
directories. It's imperative that this information remain secure so query
strings or anything that would pass visible data is not an option.

View Replies View Related

Lost Session Variables On Redirect

I have a normal login page that (upon clicking submit) checks whether you are part of a particular office and then redirects the user to their particular office's webserver.

The problem i am having is that when i redirect a user, to a securewelcome page, they lose their session variables causing them to have to login again. What am i doing wrong to make these variables get lost in the redirect? Is it because i am redirecting to a different webserver?

View Replies View Related

Lost Session Variables On Server

I have built a site that works/worked absolutely fine on my test server. When I transferred it to a remote web host (the intended permanent home of the site) something very worrying keeps happening to my site.

I use, as is the norm, session variables to store login information. At the top of each page I do a check that Session("isLoggedIn") = "True", and if not then the system logs them back out.

The serious problem is that once you have logged into the site, the next page you try to open it fails the above check and logs you out! Obviously Session("isLoggedIn") is not equal to "True" so it assumes you aren't logged in. So basically the session variables are getting lost/cleared. This makes my site unusable, and is a disaster for it unless I can get a solution.

View Replies View Related

Session Variable Randomly Mixed Or Lost?

Windows 2000 Server SP3
IIS 5.0
NET FRAMEWORK 1.1 SP1

SessionState="InProc"

Antivirus deactivate

No changes on main files (web.config, machine.config, in)

No exist Active Directory (changes in ACL are not exist)

In machine.config LogLevel="All"

No events registered in Event Viewer.

aspnet_wp.exe not recycled never.

Scenario:
Web site accessed by multiple users at the same time. Some user data are
stored in a session variables. Randomly one user view data of another
user.

It ocurrs in two different machines.

What can be?

View Replies View Related

Handle Session Timeout And Lost MemberID

I have a web site where once a user has logged on I store their MemberID in a global variable in the global.asa file.

Then in other pages I find out which member I am dealing with by looking at this variable, ie:

<%
Private lgMemberID

lgMemberID = Session.Contents("MemberID")

%>

I then use this variable to query a database... Code:

View Replies View Related

After Redirect Back From 3rd Party, Session Variables Lost

My ASP page 1 redirect user to third party's website,
after the process at third party is finished, in 3rd
party's page, there is one link to route user back to my
website: ASP page2.

As the user do all of these actions in the same browser, I
expect the user's session variables to be kept, But the
seesion variable are lost.

View Replies View Related

HTTP/1.1 New Session Failed

I get this error when I try to load my site, "default.asp", or any ASP file really. This error comes up inexplicably, once every month or two. I cannot seem to regain access to the site until IIS is restarted. The error is probably caused by something I'm doing in my script, and it seems to be server side in nature.

Has anyone encountered this error before?Does anyone know what would cause this?I'd be happy to offer more information about the server, and/or my script, but I am not very intimate with the server as it is administrated at a remote location by someone else, and I really don't know where to start looking in my script. The web site functions flawlessly for a month or two before this error comes up.

View Replies View Related

Session Cookie In HTTP Header

I'm writing an application to authenticate a user using a challenge
response mechanism. The client and server components of the
application talk over HTTP.

I would like to use an ASP session object to hold a random number on
the server. The code to store the number is written as part of a VB
web class.

When I read the http header returned from my server, I can't see the
session cookie. Why is this? If I create a normal cookie as part of
my web class, it is returned correctly within the header.

I am using HttpQueryInfo the read the header as follows:

blnReturn = CBool(HttpQueryInfo(hOpenRequest, HTTP_QUERY_RAW_HEADERS,
ByVal strBuffer, Len(strBuffer), 0))

View Replies View Related

HTTP/1.1 New Session Failed & Sessions Resetting

I have a Win 2003 SP1 with IIS 6 and host about 40 websites, most of
them useing ASP/VB with access databases. The server is a Dell Dual 2.4Ghz
XEON with 512Mb Ram.

Every few days I get the error 'HTTP/1.1 New Session Failed' and the server
stops showing the sites. It comes right after a bit and then the error comes
back. I have separed the sites into 10 per application pool but it still does it.
Occassionally it will actually look like it is working but the sessions just
keep resetting and the users get logged out every 2 or 3 minutes.

There is a hotifx 838306 which according to MS is in SP1 but according to
everyone else, is NOT. It wont install on SP 1 because it needs another
hotfix first (837001), which will not install because there is a later
version of the 2nd hotfix in SP1. Catch 22!

So my solution is to set up my server to reboot every night at 2am. That
keeps it going.... barely.

People keep saying you don't need to reboot, just recycle the app pools.
Well that does not fix anything, only a cold reboot solves the problem... for
a few hours anyway.

View Replies View Related

Error ASp .NET WEb Service : URL:'http://localhost/WebService1. HTTP/1.1 302 Found"

i'm using windows XP, IIS 5.1, Visual .NET 2003 and SQL Server 2000.

When I open New Project - Visual C# Projects - ASP .NET Web Service -

Location : http://localhost/WebService1

After that i click OK, then it returns error

"The web server reported the following error when

attempting to create or open the web project

located at the following

URL:'http://localhost/WebService1. HTTP/1.1 302 Found"

After that i try this : Code:

View Replies View Related

HTTPS

I find that all the values of the session variables i have created is empty when i use https. I am sucessfully able to use these session variables in the other pages that does not use https.
While making a shopping cart and using https for checkout process. What is the best method to retrieve cart values like item, total etc. Currently i'm using session to access these values in different pages during checkout but the problem is what i have mentioned above when i use https. What method do u prefer and how does it work?.

View Replies View Related

HTTPS And SSL

I have a question regarding https and SSL between two web
sites. I am not quit understand how asp application can
handle https, encryption and SSL. Here is scenario:
An asp application on my web site requires to get form
data from web client and to convert the data with XML
format and send the data to another web site which only
accepts https protocol.
If my site needs to receive information from the remote
web site, then I know a digital certificate needs to be
installed on my side. and https configuration needs to be
implemented on local web server.
However, if all of local side need to do is to send data
to remote web server with data encrypted, do I still need
to install digital certificate and enable https on local
web server? If not, how can I encrypt data with the the
certificate so it can be accepted by remote server and be
decoded by remote server side?

View Replies View Related

SSL-https

I'm in a non-secure page (http). When I click on a submit button, I'm about to enter the secure page (https). But I got the popup saying that I'm about to enter a non-sercure page, wanna continue(yes,no).

If I click YES, it take me to "https" page. This doesn't make any sense at all.

View Replies View Related

When To Use Https

I'm working on an e-commerce site and we've just purchased a secure certificate to transmit a shopping cart to the payment gateway without fear of tampering.

Question is, should the whole site be built on https:// or should only the form which posts to the payment gateway be secure?

View Replies View Related

HTTPS

I need to implement in my site the HTTPS. But I don't know anything about
this. Can someone help me or give me a way to learn about it?

View Replies View Related

Redirecting To Https

I have enforced SSL connections on my website to make it secure. My problem is if the users go to http://wesite-url they get an error message saying:The page must be viewed over a secure channel

The page you are trying to view requires the use of "https" in the address.

Instead of showing this error page, I want to automatically redirect them to https://website-url. Is it possible?? Do I need to to program this in gloabal.asa?

View Replies View Related

Secure Communication Over Https !

I am developing an application over the web(intranet app). Now my problem
has to do with secure communication
between browser and webserver. I want to enable secure communication using
https. Are there any alternatives other than buying certificate for virtual
directory ?

View Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved