I read that a page which runs under an https connection cannot share an InProc Session (based on cookies) with another page (or the same for that matter) running under regular http. My site is running on Server 2003, IIS 6 and .Net 2.0.
After some experiments it appears that a page which stores data in session while being connected through https CAN subsequently access the data even if running under plain http.
So, is it possible or should I go over and look for flaws in the SSL configuration?