2 Replies - 16284 Views - Last Post: 03 June 2013 - 10:32 AM

#1 albert018   User is offline

  • New D.I.C Head

Reputation: 1
  • View blog
  • Posts: 23
  • Joined: 07-January 13

How to share session between two websites?

Posted 03 June 2013 - 08:30 AM

I have two websites in the same 「Application pool」.

For some reasons, I need to set some value to the session in WebsiteA, then redirect to the WebsiteB.

But the WebsiteB could still get the value in sessions that are set in WEbsiteA.

What I have tried is that I set the Session mode as 「StateServer」.

Because as what I know , after I set it as 「StateServer」 the seesion will be stored in the 「ASP State Service」.

Then the two websites could manipulate the same session.

Unfortunately it doesn't work.

So, is there anyone who get the same as well ?

How did you solve this issue ?

By the way : For security reasons, I couldn't do it by Form's 「GET」 and 「POST」(like QueryString)

Is This A Good Question/Topic? 0
  • +

Replies To: How to share session between two websites?

#2 modi123_1   User is online

  • Suitor #2
  • member icon

Reputation: 15268
  • View blog
  • Posts: 61,206
  • Joined: 12-June 08

Re: How to share session between two websites?

Posted 03 June 2013 - 08:44 AM


What I have tried is that I set the Session mode as 「StateServer」.

Would you elaborate on what you tried? Did you start the service on the actual ASP.NET server? Just enabling it on the page doesn't make it automagically happen! ;)

The other option is store it in the database..

Was This Post Helpful? 0
  • +
  • -

#3 lordofduct   User is offline

  • I'm a cheeseburger
  • member icon

Reputation: 2668
  • View blog
  • Posts: 4,786
  • Joined: 24-September 10

Re: How to share session between two websites?

Posted 03 June 2013 - 10:32 AM

As modi said...

here is the msdn article on StateServer, it seems there's a bit more than just enabling it in the web.config:


StateServer mode stores session state in a process, referred to as the ASP.NET state service, that is separate from the ASP.NET worker process or IIS application pool. Using this mode ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm.

To use StateServer mode, you must first be sure the ASP.NET state service is running on the server used for the session store. The ASP.NET state service is installed as a service when ASP.NET and the .NET Framework are installed. The ASP.Net state service is installed at the following location:


To configure an ASP.NET application to use StateServer mode, in the application's Web.config file do the following:

Set the mode attribute of the sessionState element to StateServer.

Set the stateConnectionString attribute to tcpip=serverName:42424.

To improve the security of your application when using StateServer mode, it is recommended that you protect your stateConnectionString value by encrypting the sessionState section of your configuration file. For details, see Encrypting Configuration Information Using Protected Configuration.

The following example shows a configuration setting for StateServer mode where session state is stored on a remote computer named SampleStateServer:

<sessionState mode="StateServer"

Objects stored in session state must be serializable if the mode is set to StateServer. For information on serializable objects, see the SerializableAttribute class.

To use StateServer mode in a Web farm, you must have the same encryption keys specified in the machineKey element of your Web configuration for all applications that are part of the Web farm. For information on how to create machine keys, see article 313091, "How to create keys by using Visual Basic .NET for use in Forms authentication," in the Microsoft Knowledge Base at http://support.microsoft.com.

from: http://msdn.microsof...(v=vs.100).aspx

This post has been edited by lordofduct: 03 June 2013 - 10:33 AM

Was This Post Helpful? 1
  • +
  • -

Page 1 of 1