We are using a third party web application portal that links to our
ASP.NET application, and experiencing a strange session issue.
The way that it is expected to work is:
1. A user submits a form on the 3rd party app, which, in turn,
redirects the user to the start page of the.NET app in an iframe
(passing some query string parameters).
2. The .NET start page reads the query string parameters, creates some
session values, and then redirects the user to a search page (same
website, different directory).
3. The search page displays data that is session-specific.
For some reason, when the user hits the search page, the Session is
new, with no variables. I've made sure that the session variables are
set before the redirect and also use Response.Redirect("search.aspx",
false);. Also, I've used a http viewer to get the exact URL that the
3rd party application generates for the redirect to the .NET app. When
I use this URL in a new browser window, I get to the search page with
no session issue.
Could this issue somehow be browser frame-related?
I modified the application so that the user goes to a new page, which
opens the start page in a pop-up window. In this case, the user is
able to get to the search page with their session intact.
I'm out of ideas here, but wanted to know if anyone has experienced
any sort of Session problems like this. Am I overlooking anything
obvious?
Environment:
Windows 2003 Server R2, 64bit
ASP.NET 2.0, using SSL
.NET app is using StateServer to handle Session
