Sharing ASPAUTH cookie between IE and a hosted Windows Form Control

[Wells Caughey]

Hello everyone,

I have a situation where I am hosting a windows forms based control on a web
page in IE. Because the windows forms app uses web services to get and set
data on the server I need to make sure that it has a secure context in which
to talk to the sever. What I am doing now is using a PARAM tag to pass the
user's .ASPXAUTH cookie to the windows forms app. Once the Window forms app
receives this cookie it then adds it to the CookieContainer in the
webservice proxy object and from there on out the windows forms app shares
the user's session with IE.

All this seems to work well, except for when a user uses the windows forms
app for a period longer than the time out on the cookie. In such a case it
is my assumption that the windows forms app may cause ASP.NET to issue a new
..ASPXAUTH cookie there by making IE redirect to the login page as soon as
the user attempts to navigate to a new page.

In my tests this has never happend, but I want a confirmation of my
assumption: will ASP.NET change the value of the .ASPXAUTH cookie so long
as it continues to receive requests (via IE or the windows forms app) in
intervals shorter than the cookie's timeout.

Thanks
Wells Caughey

 

[Wells Caughey]

Hmm, nevermind... It turns out I had a major bug in my authentication logic
and I'll just have to find another way to do this.

Wells