Get A Session / Cookie From Another Domain?

Jan 19, 2010

I've got a session/coockie from a phpbb forum. But i use in the website asp.net (the website has a different url and domain then the forum).

Can i get the session/coockie from the phpbb forum in the asp.net website?

View 1 Replies


Similar Messages:

C# - How To Remove Main Domain Cookie From Sub Domain

Oct 13, 2010

is it possible to remove Main Domain cookie from Sub Domain ?I am using single sign on .On logout i want to remove the maindomain cookie

View 2 Replies

State Management :: How To Keep Current User Session When Redirected To Sub Domain From Main Domain

Feb 17, 2011

I have also installed SSL on a subdomain. I have put payment page under this sub domain.

View 4 Replies

Web Forms :: How To Set Cookie Of Different Domain

Feb 17, 2011

on my website there is one page where i do webrequest to other website with webresponse i also get one cookie that i need to store on browser with same domain of webrequest

problem is that when i add that cookie in my response with domain (which i made webrequest browser ) cookie is not added.

View 5 Replies

Security :: Can't Share Cookie Between Domain And Subdomain

Mar 8, 2010

I have two websites (domain and subdomain), something like this: www.website.ro and en.website.ro and I am trying to share a cookie between them. I have set the cookie domain to "website.ro", I tried setting it to ".website.ro", but it doesn't work. I can only read the cookie in the website that created it.

View 5 Replies

Security :: How To Write A Cookie For A Different Sub-Domain With No Encryption

Aug 10, 2010

I'd like to write out a cookie for a different sub-domain than the one I'm running in. Basically, what I want to do is have a php forum page automatically be authenticated from the asp.net login.That is, I have[URL]When the user log's in to www.mysite.com, I want to write a cookie out that the forum.mysite.com can pick up. It's only going to have the username in it so no encryption is needed. Nothing unsafe best I can tell. I've tried the below code but that still seems to make an encrypted cookie. I need to read it back into php unencrypted.

[Code]....

View 2 Replies

Security :: Keep Authentication Cookie Between Http And Https On Two Different Domain?

Dec 6, 2010

is it possible to preserve authentication for ASP.NET Forms authentication cookie,btween Http and Https (different domains) and back?I mean haveing single signon for two domains say http://www.mydomain.com and https://members.mydomain.comI've seen on quite asp.net sites that have a 'MyAccount' section they transfer the site to https and then when you have logged into your account successfully and gone back to the majority of the site you move back to http whilst still being logged in.

View 1 Replies

State Management :: Session Gets Lost When Set Session Response.cookie

Jan 25, 2011

I need to make my asp.net session cookie as secure but whenever i check user authentication and after that i am trying to set cookie to true then my session lost my user information and so it always redirect login page. I am settings user to HttpContext.Current.Session["user"] and check every time, is user is valid and if valid then move ahead. but before that i make my asp.net session cookie as true.

[Code]....

but after that i observe that somehow "Session_Start" event gets called.

View 1 Replies

Mix Cookieless With Cookie Session Stored Session Data?

Mar 19, 2011

Is it possible to use mixed cookieless sessions with cookie sessions? I've an application that captured user details and then redirect for payment to an ssl page. I was wondering if this is possible? [URL] redirects to [URL] Note: the session Id in the latter url. So in essence, we use the standard cookie session for the majority of the application but when we transfer to an ssl page we pass the SessionId to the https url to pick up the session. I've tried this locally but it starts a new session.

View 1 Replies

C# - Share Session Between Domain And Sub-domain?

May 4, 2010

We're doing a whitelabelled version of our site, which will be hosted at foo.ourdomain.com.

However we need to ensure session is maintained between www.ourdomain.com and foo.ourdomain.com, as our SSL certificate only covers the main domain.

In practice this means we'll swap to the main domain on our payment pages, which run HTTPS, and then redirect back to the subdomain, after payment.

So the question is: How do we maintain the session when doing so ?

I've tried with <httpCookies domain=".ourdomain.com" /> in web.config to no avail :-(

Edit: Figured it out now, I lacked domain on my <forms /> tag to handle login properly.

View 1 Replies

MVC :: How To Use Session And Cookie

Sep 27, 2010

in asp.net mvc, how to use session and cookie ?

I am trying to understand how a login session stored and implemented.

View 1 Replies

Set Cookie To Expire At End Of Session?

Sep 17, 2010

I'm surprised i couldnt find any answers.

How do i set my sessionid in my cookie to expire at the end of session? (when the browser closes or the user has been inactive for a period of tie).

The two solutions i found were

(httpcookie).Expires = HttpContext.Current.Session.Timeout

Which gave me a compile error so i dont know if the user checked his code before posting. And the other was to set the expire date to 1 day ago which my gut says is wrong. How do i do this?

View 2 Replies

What Is The Lifetime For A Session Cookie

Sep 15, 2010

I say until you log out, session times out or you close the browser. But am I right?

I had an interview today and the interviewer wanted to know if I log into a page and closes the browser (without logging off), what happens to the session.

I said that the session will be orphaned. He says no - because their users are able to connect back to the session by just opening up the browser (using a cookie only). I told him that's a persistent cookie - not a session cookie. And I said that if that's the cause, there is nothing preventing the user from exporting the [persistent] cookie to a another computer and starting the session on that computer.

At first he said you can;t export a cookie but when I explained how, he said that he'll look but since many many people including 2 architects came up with the design, it is unlikely they are all wrong.

View 2 Replies

C# - Programmatically Get Session Cookie Name?

Sep 17, 2010

The default cookie name for the Session Id in ASP.NET is ASP.NET_SessionId. It's also possible to change this name to something else like <sessionState cookieName="FooBar" />.

Is there a member to easily access this name like with FormsAuthentication.FormsCookieName?

View 1 Replies

Encrypt Session Id / Other Authenticate Value In Cookie Useful?

May 15, 2010

In web development, when session state is enabled, a session id is stored in cookie(in cookieless mode, query string will be used instead). In asp.net, the session id is encrypted automatically. There are plenty of topics on the internet regarding how you should encrypt your cookie, including session id. I can understand why you want to encrypt private info such as DOB, but any private info should not be stored in cookie at first place. So for other cookie values such as session id, what is the purpose encryption? Does it add security at all? no matter how you secure it, it will be sent back to server for decryption.

Be be more specific, For authentication purpose, turn off session, i don't want to deal with session time out any more store some sort of id value in the cookie, on the server side, check if the id value exists and matches, if it is, authenticate user. let the cookie value expire when browser session is ended, this way. vs Asp.net form authentication mechanism (it relies on session or session id, i think) does latter one offer better security?

View 3 Replies

State Management :: Get New Session Cookie In IE7?

Oct 22, 2010

We have a local homepage, which connect to our production security environment. When I need to test my site in test environment, I need to get fresh cookie (not the one that was sent to me via production security service, when I opened IE with local homepage).

I am getting fresh cookie fine in Mozilla; but in IE I always have production cookie, and this disables my testing. What I should fix here?

View 4 Replies

Security :: Best Way To Connect A Cookie To A Session?

Sep 3, 2010

I usually like to do it the hard way,just to get a feel of what you can do!In ASP.net there is probably a really simple way Forms authentication etc.but this is what I have.I know from previous experience that you should never save a Cookie that contains a password,so how to connect a session to a cookie when the user accesses the website,with saved cookies information.

I though about using a Guid,in the cookie,and then check the database to see if that guid is available,but this could be a sort of password like effect.

[Code]...

View 1 Replies

How To Store Value In Session If In Browser Cookie Is Disabled

Dec 1, 2010

Can i still store value in session if in browser cookie is disabled?

View 2 Replies

Get Session Cookie Name In Medium Trust Level?

Nov 30, 2010

Is it possible to get session cookie name in medium trust level? The code below works in full trust, but throws a security exception in medium trust level.

string sessionCookieName = ((SessionStateSection)WebConfigurationManager.GetSection("system.web/sessionState")).CookieName;

View 1 Replies

C# - Changing Expiry On Session State Cookie

Jun 9, 2010

I'm using ASP.NET Session State to keep track of logged in users on my site. However, one problem I'm running into is that by default ASP.NET session cookies are set to expire when the browser closes. I've tried setting my own ASP.NET_SessionId cookie and modifying the cookie's expiry using something similar to the following code:

Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddMonths(1);

None of these approaches work, they all set a second cookie with the same name. Is there a way of changing the session cookie's expiry?

View 3 Replies

State Management :: Change Session Cookie Name?

Dec 15, 2010

I would like to change ASP.NET session cookie name "ASP.NET_Sessionid" to some other name. I specified <sessionState cookieName="MyCookieName" />. When I use fiddler to view response header, I can see "MyCookieName" with random generated number under cookie section, however, ASP.NET_SessionId also exist there.

View 2 Replies

Sharing Session Cookie Across Two Named Domains?

Jan 19, 2011

I have a .net webapplication with the following domains:

www.domain.com
sub.domain.com
files.domain.com

When a user is logged on to domain.com or sub.domain.com, I'd like them to share session state (i.e. be logged into both domains at once). This is possible to do by setting the domain on the session coookie to be ".domain.com". However, my problem is that the domain "files.domain.com" should not have session state due to security issues (xss attacks from user-made files hosted on that domain is an issue).

Is it possible in ASP.NET to use the same asp.net session id for these two domains, but not the third one?

View 5 Replies

C# - Store Session Cookie For Groups Of Subdomains IIS7?

Jan 6, 2011

I have an application running ASP.NET. I have different domains and different sub-domains. I want the domains to share session with their sub domains.

For Example, the following domains access this application:

[URL]

If a user goes to www.example1.com and print.example1.com, I want it to use the same session. If the user were to go to www.example2.com and print.example2.com, I would want it to use a different session than the *.example1.com.

The way I used to handle it was a hack in page_load that works perfectly in IIS6:

Response.Cookies["ASP.NET_SessionId"].Value = Session.SessionID;
Response.Cookies["ASP.NET_SessionId"].Domain = SiteUtility.GetCookieDomain();

(SiteUtility.GetCookieDomain would return .example1.com or .example2.com depending on the url of the request) Unfortunately, this no longer seems to work for iis7. Each subdomain/domain a user goes to, the user gets a new session cookie.

I then found the web.config entry: '<httpCookies domain=".example1.com" />. This works great for sharing session cookie between example1.com subdomains. Unfortunately, this completely screws up session state for *.example2.com.

View 3 Replies

Security :: Session Varial Expire But Not The FormsAuthentication Cookie?

Feb 20, 2010

I have a littel problem.

In my asp.net application iam using Form FormsAuthentication.... and also use a session var to save a userID..

The problem is that ´when my session espire, the Form cooki is not expired.

I want form cooki to expire, when session expires....how?

Do i have to do it in Session_end event..

How do the code look like?

View 2 Replies

How To Save A Field Username To A Cookie Or Session In Application

Jun 3, 2010

I'm going to ask a user to login first, then when I'm going to save information I'm going to have to save the information and associate it with the logged in user.How should I handle this with session?

View 4 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved