session state and virtual directories

[pleaseHelp]

To better manage our secure site we just separated the registration and
checkout sections of our web into separate virtual directories. These new
virtual directories are on the same server as the primary eCommerce website.
This is an ASP site (not asp.net). When this version goes into production it
will be on a 2003 server (IIS 6) with a SQL Server backend (located on a
different server).

Now when the main server passes control to one of the new virtual webs the
session information is lost. I'm having problems finding information on the
web as to how to maintain this information between the web and virtual
directories. It's imperative that this information remain secure so query
strings or anything that would pass visible data is not an option.

If you would either direct me to a source of information or give me some
idea how you have handled this problem, I would be most appreciative.

Thank you for your time and help.

 

[Mark]

if you right click on the virtual directories and click properties you can
remove the specific application and give it the same application scope as
the whole site. this will invariably give you the same session state.
Mark

 

[pleaseHelp]

Thank you for the information but I'm not sure that I totally understand. In
properties of the virtual directory, I deleted the application name. I'm not
sure what you mean by "give it the same application scope as the whole
site". Does that mean the same application name?

I did give it the same application name but when I proceed to the checkout
section, I now have a new session id (different from the one in the primary
web) and when I try to access one of the session variables I get object
required: "[undefined]".

More help would be greatly appreciated.

 

[Jeff Dillon]

I don't think the idea suggested will work. You'll have to store/persist the
session info in a database, and pass a lookup key between pages (hidden form
variable, querystring, etc).

When ever you cross virtual directory boundries in standard ASP, you will
lose session info. .NET has some solutions for this.

Jeff

Thank you for the information but I'm not sure that I totally understand. In
properties of the virtual directory, I deleted the application name. I'm not
sure what you mean by "give it the same application scope as the whole
site". Does that mean the same application name?

I did give it the same application name but when I proceed to the checkout
section, I now have a new session id (different from the one in the primary
web) and when I try to access one of the session variables I get object
required: "[undefined]".

More help would be greatly appreciated.

if you right click on the virtual directories and click properties you can
remove the specific application and give it the same application scope as
the whole site. this will invariably give you the same session state.
Mark


production on
the