Share same SessionId between two asp.net web applications

Question

I used a sql server session mode between two web applications. The session id is created in the ASPState database. I need to share the session id from first application to second without using querystring and cookies. I followed the steps from this link. Below is the code.
In both apps (web.config)

<add name="DBConnection" connectionString="Data Source=localhost;DataBase=ASPState;Integrated Security=True;uid=sa;pwd=password-1" providerName="System.Data.SqlClient"/>

<sessionState mode="SQLServer" sqlConnectionString="DBConnection" allowCustomSqlDatabase="true" regenerateExpiredSessionId="false" cookieless="false" timeout="1" ></sessionState>         

<machineKey validationKey="566A547C407CB0C47ABAEC581B8B90C45E15039806352E4611B35E0FB70C1C096350A4BBAE816191331DCA55874D3F96B41FFDED4C6A913591684A90825F53A0" decryptionKey="B299127DFC22648C2EF92D7EDF2E4960277F562C60F3BDE4A4C3BFDFEA602FDF" validation="SHA1" decryption="AES" />
<modules runAllManagedModulesForAllRequests="true">    
<add name="BasicAuthenticationModule" type="UserAuthenticator" />
</modules>

In first app Home.aspx.cs

protected void imgBTN_Click(object sender, EventArgs e)
{
   string sessionKey = HttpContext.Current.Session.SessionID;
  //How to transfer the same session id to the second application
   Response.Redirect("http://localhost:43392/PartnerHome.aspx"");
}

I got the session key from ASPState database. But how to pass from the same session id to the second application ?

You can POST the session key to specific page in second application. — VinayC, Jan 10 '13 at 09:46
@VinayC : how to post the session key to specific page. any example. — kk1076, Jan 10 '13 at 09:49
@kk1076, use `WebClient` or `WebRequest` - you will find plenty of examples for doing POST requests with either. — VinayC, Jan 10 '13 at 09:51

score 2 · Accepted Answer · answered Jan 10 '13 at 09:53

2

You can use SessionManager to set the ID to whatever you want in the target site. You just need to pass it via querystring GET or form POST from one to the other:

Source

Response.Redirect("http://localhost:43392/PartnerHome.aspx?SessID="
    + Session.SessionID);

Target

string sessionId = Request.QueryString["SessId"];
bool redirected = false;
bool isAdded = false;
new System.Web.SessionState.SessionIDManager().SaveSessionID(
    HttpContext.Current, sessionId, out redirected, out isAdded);

See SessionIDManager on MSDN

answered Jan 10 '13 at 09:53

Rhumborl

16,349
4
39
45

Is it possible without using querystring – kk1076 Jan 10 '13 at 10:01
Not sure. you would probably need to let the page load in the first app, then use javascript to post a form with the sessionid in a hiddenfield to the other site. It's messy and POST doesn't really give you much more security than GET – Rhumborl Jan 10 '13 at 10:08

Share same SessionId between two asp.net web applications

1 Answers1

Linked