Q
Problem solve Get help with specific problems with your technologies, process and projects.

Moving from non-secure to secure pages without losing valid session

I have an e-commerce Web site that makes use of SSL during the checkout process. However, when a user moves from the non-secure pages to the secured pages, the session is no longer valid. I store shopping cart info in the session and had to resort to passing a session id to the secure URL so I can recover the cart. Is this problem because I'm using secure and non-secure pages, or because of the sub-domain changes? For example, non-secure pages are at www.mydomain.com and secure pages are at secure.mydomain.com.
A session is tied to a single AppDomain. An AppDomain in ASP.NET is tied to a Web application. If you're redirecting to a different subdomain, most probably you're redirecting to a different web application (i.e. different IIS Virtual Directories), therefore, a new session will be created.
This was last published in February 2004

Dig Deeper on .NET development community

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudComputing

SearchSoftwareQuality

TheServerSide.com

SearchCloudApplications

Close