Session.sessionid
Does session.sessionid change when an app goes from non-secure to secure layer?
View RepliesDoes session.sessionid change when an app goes from non-secure to secure layer?
View RepliesI am running my web application from with in Outlook.I found a strange
problem that it is creating different sessionId if i open a new window
using window.open from with in my application.I am pulling my hair all
along but no solution so far.
my application works fine when i run this in IE.It is Outlook2003
causing the problem.
I have a piece of code on two computers. On my work pc the sessionid is constant and doesn't change. Whereas on my home PC, everytime I refesh the page or go back to it, it increments itself.Can anyone tell me why this is the case, as I thought the Sessionid was individual to each browser session.
View Replies View Relatedwe are implementing WSDPro here for load
balancing. So, when someone comes in they may get
redirected to www1.domain.com, www2.domain.com, etc. When
they first come in, they hit www.domain.com, and then get
redirected to 1, 2, 3 , etc. The problem is, in our
solution, we are setting a session variable before the
redirect, and are losing it as the SessionID is changing
because it is acting like we are changing servers. It is
my understanding that the SessionID is really just a
cookie, and since other cookies can have their domain
changed, this one should as well. Something
like .Domain=".domain", which should handle everything in
from of the domain. We ahve tried to change this in the
Global.asa and got a "you can't do this error", 162 I
believe
I have a simple page that uses session variables. Yes, it's in a
frameset, yes I've look at aspfaq.com, yes I've tried loading the
independet pages in their own window, yes i've tried praying to god.
It works fine every *other* refresh.
the session variables seem to totally disappear, then, upon refresh
they come back, then, upon refresh again, they disappear.
on, off, on, off.
Upon closer inspection, I found that the sessionid is changing. but
not randomly.
I'll get 229104087, then 229063070 the next refresh, then back to
229104087, etc.
wut's up?
When I hit my homepage the first time (e.g. after a reboot), the server variable HTTP_COOKIE is empty. If I reload the page, HTTP_COOKIE has got a value. This makes sense, but I'm looking to request HTTP_COOKIE on the first page hit. Any ASP-based ideas?
(Otherwise I'll program a page reloader...)
i read the "developing active server component with ATL" paper. has anyone develop get session id by ATL? i get some error about illegal call of non static member function.
View Replies View RelatedWhen I create a simple page with this code, the sessionID shows differently
each time I refresh the page.
On every other refresh it is blank, on every other, it is new. What is
happening here?
Dim sessStr as String
sessStr = Response.Cookies("ASP.NET_SessionId").Value
Response.Write("Session ID=" & sessStr)
When a new request is made to the server a new session id is issued to the
client (a browser instance). The problem I’m facing is that session id that
is already assigned to a browser instance is getting recycled for another
browser instance by ASP.NET When the client request is sent to Http server,
the available session id’s (that is already present in the pool) are recycled
from the session pool along with the authentication cookie. Again when a new
request was being done, then available session id is passed on to the client
causing Mix-up of sessions.
The formsauthentication ticket (cookie) is also getting recycled along with
the session cookie session.
Forms authentication ticket is issued if the user selects save me option in
login page. If the user selects save, then the user id is stored in a cookie encrypted
by forms authentication ticket. Code:
how unique the sessionid is in ASP. What is the math behind it's creation, and what are the probobolities of it being reproduced, i.e. 1/10000? or 1 in twenty million? Can someone give me some guidance on this? I'm trying to create some unique numbers for
data assignement, and would like a way that does not replicate.
My session id is expiring too quickly. How can I extend it to last for 30 minutes?
View Replies View Relatedif it is possible to retrieve the session id inside the sub Session_OnEnd in global.asa? This is because i want to delete rows from database based on the sessionID that has just ended.
View Replies View Relatedwo have several sites on a same server and these sites use subdomains of a
top domain,such as www.mycom.com, admin.mycom.com, forum.mycom.com.now we
want these sites to share the session state(such as loginning state),so
,without concerning a web farm or sharing session state among different top
domain, the simplest way to achive this must be to set the domain of the
sessionid cookies asp sent to our top domain.( if it is possible through the
iis metabase , registry or something else . )
If it isn't possible to set the domain of the sessionId coookie asp sent
,then,concerning a web farm or sharing session state among domains, Could you
guys recommand some third-pathy session management asp components or
servers(such as aSMS,but i can't download it anywhere)?
how could I know if a specific sessionid still exists or not. If there is a method or anything that can tell me about the existence of a specific sessionid .
View Replies View Relatedwe've the following problem :
We have an asp-application which sets the cookie on first login. The cookie
will never be touched during user access. The user can work the whole day,
but after 6 to 7 hours, the cookie get 2-4 new asp-sessionid's thus
overwriting the very first entries in the cookie. Does anyone had the same
problem or has a solution. The server is a w2003 enterprise the client has
windows xp sp2.
I use jmail to send email. Version 3.7. I want to send hyperlink in the mail body with sessionid variable. But I dont know how to concatenate it.
Here is the example which dont work.....
how to find the session expired or not without using any session varaibles?
View Replies View RelatedI have a site that I'm trying to migrate to ASP.NET from ASP, and the
foremost stumbling block I'm hitting is session state between the ASP
and ASP.NET applications. In order to access this information, I'm
doing a HttpWebRequest from the ASP.NET side into an .asp page,
passing the session name on the get in order to request it from the
ASP side and write it back to the response stream, giving ASP.NET
access to it. Of course I change sessions each time I make the call
from the ASP.NET side.
Soooooo, I'm thinking to myself, "Self, shouldn't you be able to fake
out the server by getting the session cookie from the initial usage of
the asp, pass that data to the ASP.NET, and use that to send a request
back the ASP side under the appropriate session?"
From a real high level, I enter the site via a .asp page. This page
in turn calls .aspx page from within a frame ......
I want to create an administration page which lists all the current users who are on the site at the moment.
I know coldfusion has this feature built in using the SessionTracker class... does ASP have something similar? If not... is there any way I can just iterate through all the session files on the server...?
I have a site developed using ASP, but each page I enter has a different session id when accessing the site using the domain name of the site. When accessing the site from my network and using the internal IP address, it is OK. Any ideas?
View Replies View RelatedI want the suggestion what is better for use between:
Session.abandon
&
Session.Contents.Remove
I wrote a website, which uses the session to store and track some vars.
Now I am gonna to covert it to desktop application by Activesite compiler 5, however, it doesnot support session , cookie , application() . SO ,I have no idea to find something can instead of session.
My orignal processing: Session -> modify Session var -> store to Database.
There is a problem about ASP session ID. ASP session is implemented by storing session id in a session cookie, but I read this cookie in ISAPI Filter, get a string as following:
ASPSESSIONIDQADCQQTS = IAOFCBBCGDGMDGCNJIKPNBAN
But the real session ID is 554851848. (Real sessionID is sessionID property the ASP session object)
Problem is what is relation between them? And how to get real session ID from cookie session ID.
I did a session("adminlogin")=1, if I post it to the same page, it returns true. But if I response.redirect to another page. This value doesn't exist anymore. This is on the actual server where all the ms security is updated.
The same script worked okay on my test server (the security patch not patched yet.)
Has anyone encountered this? How do you overcome it?
I tried searching the net it says the problem lies with a ms security patch. How I wish I can unintall that patch.
when does a sesson object expire?
- at the end of 20 minutes
- after they close their browser ? does that end the session?
I have a home page in html with two buttons to call my main.asp in another window my problem is:
1-From my home page I open another web page my main menu, this new page have a SessionID. (OK)
2-If I open another web page from the same home page, this new page have the same SessionID as the page open in first step
I want to get a new SessionID for every page I open from my home page and don't want to abandon the first session...
I have asp and asp.net web application. When I run it in IE7 in first tab it
starts a new session. When I open second tab and browse to the same site the
new session is not started (infact I need to have new session there).
Whereas, 2 IE instances generate 2 unique sessions. Only issue is with IE
tabs. Firefox also has similar things but lets not talk about firefox here.
I am more concerned with IE only.
In my login script I set session("User") = rs("User") the session timeout is set to 20 min
Do I need to setup some kind of update session variable on each page so that the timeout does run out or does iis update the variable aslong as I'm browsing the website ?
And another thing, <% application("something") %> works fine on my test server but once I implement it onto the main webserver I dont get any text out, is there some kind of switch that enables this function ?
How can I know if a user session had timed out ?
I always get an error in my asp page when I try to access
my session variable if it timed out.
My buttons default as you can see in the code. But I now want to take what is already choosen in database and chose apropriate button. Can I use a session to choose a radio button?
Code:
<TD><b><font face="Arial" color="#000080">Password</TD>
<TD><input type ="text" value="<%=Password %>" input name="Password" size="50" ><input type ="Hidden" value="<%=userNumber %>" input name="userNumber" size="50" ></TD>
</TR>
<TR>
<TD><b><font face="Arial" color="#000080">Billing Choice</font></b></TD>
<TD><fieldset style="padding: 2">
<input type="radio" value="Monthly" checked name="R1">Monthly
<input type="radio" name="R1" value="Quarterly">Quarterly
<input type="radio" name="R1" value="Annually">Annually</fieldset><p>Hold
Billing Date <input type="text" name="NextBillDate" size="20" Value=<%=NextBillDate%>></TD>
</TR>
I am using the session(loggedin) to see if a user is logged into that section of the site. The problem is that it is timing out on them, is there a way to define the length of the session (I think it times out at 10 or 20 mins currently), but to extend it to an hour or so. Any thoughts.
View Replies View RelatedI've developed a shopping cart app in ASP, to secure transaction by SSL, it 've put only the checkout page in SSL but all other pages i.e. product, cart etc remains on non SSL connection. How can I track user session from non SSL to SSL checkout page as the SessionID changes when shifting to SSL (to prevent session stealing/ hijacking). I'm tracking user session by putting SessionID in cart DB with products. Given below the preview of cart table ....
View Replies View RelatedI'm trying to only show part of my page based on a variable, I have two
Session Variables -
Session("EMPLOYEEMAXUSERS")
Session("EMPLOYERUSERS")
Now what I'm trying to do is -
ShowIf Session("EMPLOYERUSERS") < Session("EMPLOYERMAXUSERS")
I can't get this to work though