Home/ Questions/Q 8756735
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-13T14:08:38+00:00

We have a website in classic asp that we are slowly migrating to ASP.NET

  • 0

We have a website in classic asp that we are slowly migrating to ASP.NET as necessary.

The problem of course is how classic asp and ASP.NET handle Sessions. After spending the last few hours researching the web, I found many articles, but not one that stood out over the others.

Is there a best practice for transferring session variables from and to classic asp and asp.net? Security is a must and any explanation with examples is much appreciated.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    A simple bridge to pass a single session variable from classic asp to .net serverside (hiding your sessionvalue from the client), would be this:

    • On the ASP end: An asp page to output your session, call it e.g. asp2netbridge.asp

      <%
'Make sure it can be only called from local server '
if (request.servervariables("LOCAL_ADDR") = request.servervariables("REMOTE_ADDR")) then
    if (Request.QueryString("sessVar") <> "") then
        response.write Session(Request.QueryString("sessVar"))
    end if
end if
%>

    • On the .net end, a remote call to that asp page. : 

      private static string GetAspSession(string sessionValue)
 {
    HttpWebRequest _myRequest = (HttpWebRequest)WebRequest.Create(new Uri("http://yourdomain.com/asp2netbridge.asp?sessVar=" + sessionValue));
    _myRequest.ContentType = "text/html";
    _myRequest.Credentials = CredentialCache.DefaultCredentials;
    if (_myRequest.CookieContainer == null)
        _myRequest.CookieContainer = new CookieContainer();
    foreach (string cookieKey in HttpContext.Current.Request.Cookies.Keys)
    {
        ' it is absolutely necessary to pass the ASPSESSIONID cookie or you will start a new session ! '
        if (cookieKey.StartsWith("ASPSESSIONID")) {
            HttpCookie cookie = HttpContext.Current.Request.Cookies[cookieKey.ToString()];
            _myRequest.CookieContainer.Add(new Cookie(cookie.Name, cookie.Value, cookie.Path, string.IsNullOrEmpty(cookie.Domain)
                ? HttpContext.Current.Request.Url.Host
                : cookie.Domain));
        }
    }
    try
    {
        HttpWebResponse _myWebResponse = (HttpWebResponse)_myRequest.GetResponse();

        StreamReader sr = new StreamReader(_myWebResponse.GetResponseStream());
        return sr.ReadToEnd();
    }
    catch (WebException we)
    {
        return we.Message;
    }
}
    • 0