Hey Joe,
Any further progress? If anything else we can help, please feel free to
post here.
Thanks,
Steven Cheng
Microsoft Online Support
Get Secure!
www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
--------------------
| X-Tomcat-ID: 132683453
| References: <OB3GHF2#
[email protected]>
<u23XlH2#
[email protected]>
<Gvc$$M6#
[email protected]>
<e3Z01w8#
[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain
| Content-Transfer-Encoding: 7bit
| From: (e-mail address removed) (Steven Cheng[MSFT])
| Organization: Microsoft
| Date: Fri, 09 Dec 2005 07:52:52 GMT
| Subject: Re: Share session between secure and non-secure applications
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| Message-ID: <
[email protected]>
| Newsgroups: microsoft.public.dotnet.framework.aspnet
| Lines: 133
| Path: TK2MSFTNGXA02.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.dotnet.framework.aspnet:363797
| NNTP-Posting-Host: tomcatimport2.phx.gbl 10.201.218.182
|
| Hi Joe,
|
| For SSL securing, based on my understanding , IIS server support
| configuring the SSL protection setting(requiring secure channel) based on
| virtual dir level( not application level). So you can put those two
| applications into one asp.net application and in different sub folder.
| Then, we can configure different ssl protection for them....
|
| Also, for data deleting when using sqlserver as backend data storage, we
| may need to manually create a background service(using a background
thread
| to monitior and deleting expired data or using Sqlserver Agent's Job....)
|
| Thanks,
|
| Steven Cheng
| Microsoft Online Support
|
| Get Secure!
www.microsoft.com/security
| (This posting is provided "AS IS", with no warranties, and confers no
| rights.)
|
|
| --------------------
| | From: "Joe" <
[email protected]>
| | References: <OB3GHF2#
[email protected]>
| <u23XlH2#
[email protected]>
| <Gvc$$M6#
[email protected]>
| | Subject: Re: Share session between secure and non-secure applications
| | Date: Thu, 8 Dec 2005 02:51:32 -0500
| | Lines: 97
| | X-Priority: 3
| | X-MSMail-Priority: Normal
| | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| | X-RFC2646: Format=Flowed; Original
| | Message-ID: <e3Z01w8#
[email protected]>
| | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | NNTP-Posting-Host: 69.37.58.70.adsl.snet.net 69.37.58.70
| | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP11.phx.gbl
| | Xref: TK2MSFTNGXA02.phx.gbl
| microsoft.public.dotnet.framework.aspnet:363576
| | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| |
| | Hi Steve,
| |
| | I would like to use a single application but I don't see how I can do
| that
| | since there are two different locations (same machine though) for the
| secure
| | and non-secure pages.
| |
| | I was trying to use cookies like Marina suggested but these can't be
| shared
| | either.
| |
| | If I go the database route, how do I know when to delete the records?
| |
| | -Joe
| |
| | | | > Thanks for Marina's inputs.
| | >
| | > Hi Joe,
| | >
| | > For sessionState, different ASP.NET application can not share the same
| | > sesstion storage (no matter what session mode it uses....). I'm also
| | > wondering whether it possible that you combine the wo application
into
| one
| | > single asp.net web application, that'll make share ASP.NET states
quite
| | > simple. In addition, if we do need to make those two application part
| | > separated and share some datas, I think some other persistence
storage
| | > such
| | > as database storage.....
| | >
| | > Thanks,
| | >
| | > Steven Cheng
| | > Microsoft Online Support
| | >
| | > Get Secure!
www.microsoft.com/security
| | > (This posting is provided "AS IS", with no warranties, and confers no
| | > rights.)
| | > --------------------
| | > | From: "Marina" <
[email protected]>
| | > | References: <OB3GHF2#
[email protected]>
| | > | Subject: Re: Share session between secure and non-secure
applications
| | > | Date: Wed, 7 Dec 2005 14:10:30 -0500
| | > | Lines: 30
| | > | X-Priority: 3
| | > | X-MSMail-Priority: Normal
| | > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
| | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
| | > | X-RFC2646: Format=Flowed; Response
| | > | Message-ID: <u23XlH2#
[email protected]>
| | > | Newsgroups: microsoft.public.dotnet.framework.aspnet
| | > | NNTP-Posting-Host: gw.deltek.com 63.72.155.97
| | > | Path:
TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
| | > | Xref: TK2MSFTNGXA02.phx.gbl
| | > microsoft.public.dotnet.framework.aspnet:363457
| | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
| | > |
| | > | I don't think you would want to store things like that in session.
If
| | > the
| | > | user timesout because they left for lunch, then come back and click
| | > | something they will have an empty cart because they will have a new
| | > session.
| | > |
| | > | Additionally, there is no way I know of to share data between two
| | > different
| | > | applications.
| | > |
| | > | Is there a reason this wouldn't all just be one application?
| | > |
| | > | Regardless, I recommend you store cart contents in a cookie or
| something
| | > so
| | > | you are not dependent on session state.
| | > |
| | > | | | > | >I have an application which runs in a non-secure environment. I
also
| | > have
| | > | >an application that runs in a secure environment (both on the same
| | > | >machine). Is there any way to share the session data for this?
| | > | >
| | > | > Most of the site allows the user to add things to a cart
| (non-secure),
| | > | > once they choose to check-out, I need this information which was
| | > stored
| | > in
| | > | > the session to be read by the payment page(secured).
| | > | >
| | > | > Hope this makes sense. It's probably not the best way to handle
it.
| | > Any
| | > | > suggestions are more than welcome.
| | > | >
| | > | > Thanks,
| | > | > Joe
| | > | >
| | > |
| | > |
| | > |
| | >
| |
| |
| |
|
|
