Passing Data From ASP to ASP.NET

[jpsnowjr]

I'm looking for the best way to pass login data from a SingleSignOn
page (written in ASP) to a page in my application (written in ASP.NET).
I'm using Roles-Based FormsAuthentication in my app, but I can't
create the cookie until I have the user's LoginID. So, I'm looking for
a way to retrieve the entered LoginID from the SingleSignOn ASP page in
the Page_Load event of my Start.aspx page. Hope this makes sense...

I can't use the QueryString due to the sensitive nature of the data.
Unfortunately, I don't have any control over the ASP page group, so I
can't suggest they do anything *radically* different than they are now.
They're basically calling my Start.aspx page using a POST via an HREF
tag.

I've read conflicting opinions on whether or not I can use the Request
or even the context.Request objects. Is there truly a way to use
either of these and if so, how? I've tried both but to no avail. Any
alternative solutions?

The thing is....I doubt this SingleSignOn ASP app will be around for
much longer, so I'm fishing for a relatively easy fix to what I hope
will be a temporary problem.

Thank you in advance for any advice you can offer.
Jim

 

[humbleaptience]

I don't see why you wouldn't be able to put that information in a
cookie, despite the fact that it is 'sensitive' as you describe. You
shouldn't have any problem setting a cookie in ASP and reading that
cookie in ASP.NET, at least not if the cookie just contains a number,
and the they are in the same root folder (so that they are in the same
domain, for the cookies).

-Scott

 

[Jim]

Thank you for the suggestion Scott. I agree and will certainly pass
this along to the other group...I'm hoping they'd be willing/able to do
what you suggest.

I'm guessing by your answer that the Request object is a no-go? It
would be ideal if there was something I could do solely within the
confines of my app.

Thanks again,
J

 

[humbleaptience]

Jim -

The request object (i assume you mean using a POST form on the classic
ASP page and then requesting it using Request.Form in asp.net) is
definitely a no-no. I tested it today.

The only difference I've found in cookies between asp.net and classic
ASP is that with any characters besides numbers classic asp does the
equivalent of a Server.URLEncode on the value of the cookie before
putting it in the cookie - asp.net does not. I've found it is still
relatively simple to create cookies in asp.net that the classic asp
page can read easily (again, as long as they are withing the same
domain, usually you have the ASP pages at http://localhost/default.asp
and the ASP.NET in http://localhost/asp.netproject/default.aspx)

-Scott

 

[jim]

Scott,

RE: the Request object...that's kinda what I thought my answer would
be. We'll see what we can do about having them create a cookie in
their ASP app that I'll be able to use in my ASP.NET app.

Thanks for taking the time out to research and reply.

Kind regards,
J