so when you don't use iframe, the result is ok? 2009/7/20 ap <[email protected]>
> > We are using a third party web application portal that links to our > ASP.NET <http://asp.net/> application, and experiencing a strange session > issue. > > The way that it is expected to work is: > > 1. A user submits a form on the 3rd party app, which, in turn, > redirects the user to the start page of the.NET app in an iframe > (passing some query string parameters). > 2. The .NET start page reads the query string parameters, creates some > session values, and then redirects the user to a search page (same > website, different directory). > 3. The search page displays data that is session-specific. > > For some reason, when the user hits the search page, the Session is > new, with no variables. I've made sure that the session variables are > set before the redirect and also use Response.Redirect("search.aspx", > false);. Also, I've used a http viewer to get the exact URL that the > 3rd party application generates for the redirect to the .NET app. When > I use this URL in a new browser window, I get to the search page with > no session issue. > > Could this issue somehow be browser frame-related? > I modified the application so that the user goes to a new page, which > opens the start page in a pop-up window. In this case, the user is > able to get to the search page with their session intact. > > I'm out of ideas here, but wanted to know if anyone has experienced > any sort of Session problems like this. Am I overlooking anything > obvious? > > Environment: > Windows 2003 Server R2, 64bit > ASP.NET <http://asp.net/> 2.0, using SSL > .NET app is using StateServer to handle Session >
