开发者

Is it possible to share session state between asp classic and asp.net

We are migrating an ASP Classic website over to ASP.Net. One of the big hurdles is the large amount of data stored in SessionState by the ASP Classic website.

I am looking for ways that session state can be shared between the two applications. I found the following link from microsoft MSDN that describes how to share session with a shared database. Unfortunately it uses the binary formatter to serialize into the database and I have开发者_StackOverflow社区 recently had some bad experiences with said binary serialization.

Does anyone have other suggestions on how to share session state? or alternatives to the binary serialization?


The MSDN article you linked to is the best way. You can use cookies, hidden form fields, querystring parameters, or any number of other "workarounds" but all of them are hacks, and all have problems (security concerns, just don't work right, more work than a total re-write, etc.)


We had to do this for a couple of sites. As far as I know there is no easy way to do it.

If you only have small amounts of data, encrypt that data (using a secure approach like Rijndael) and pass it through the url and decypt it on the other side. Include something like a datestamp in the encrypted value to ensure the link is only good for like 3 seconds or something like that.

If there is more data, store it in a database, then pass the ID to that data in the URL as described above. Same process.

Good luck.

Edit: I should note that as the other posters have noted, as well as the MSDN article, this is not the most ideal scenario, and is probably not bulletproof from a security standpoint, but it is close.


Just write them out to file encrypted and pick them up from the new site. What could be simpler?

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜