Passing data between a parent app and a virtual directory

Question

I have an application that runs as a child application in a virtual directory.

I want to pass a value from the parent application, but I believe that Session is keyed per application, and won't work.

To further complicate things, the parent application is WebForms, while the child is NVelocity MVC.

Does anyone know a trick that allows me to use some sort of Session type functionality between virtual applications?

EDIT: A webservice isn't really what I had in mind, all I need to do is pass the logged in users username to the child app. Besides, if calling a webservice back on the parent, I won't get the same session, so I won't know what user.

Answer 1

Sounds like web service is the way to go. You could do something like the following:

• Have the WebForms app create some data in its database with a key of some kind associated to it.
• Pass that key in the URL to the NVelocity MVC application.
• Allow the NVMVC application to call a web service (REST,XML-RPC,SOAP,whatever) on the WebForms app using the key that was passed.

This will get around any kind of session keying or cookie-domain problem you may have and allow you to pass some nicely structured data.

Answer 2

You can do a server-side HTTP Request, it looks something like this in C#:

HttpWebRequest req = (HttpWebRequest)WebRequest.Create("/ASPSession.ASP?SessionVar=" + SessionVarName);
req.Headers.Add("Cookie: " + SessionCookieName + "=" + SessionCookieValue);

HttpWebResponse resp = (HttpWebResponse)req.GetResponse();
Stream receiveStream = resp.GetResponseStream();

System.Text.Encoding encode = System.Text.Encoding.GetEncoding("utf-8");

StreamReader readStream = new StreamReader(receiveStream, encode);

string response = readStream.ReadToEnd();

resp.Close();
readStream.Close();
return response;

On the ASP side, I just verify that the request only comes from localhost, to prevent XSS-style attacks, and then the response is just the value of the Session variable.

Finding the cookie is easy enough, Session cookies all have similar names, so just examine the cookies collection until you find the appropriate cookie. Note, this does only work if the cookies are valid on the entire domain, and not just on the subfolder your are on.

Answer 3

Store the data you need to share on a place where both applications can query it, with a key both applications know.

A database is something you can use,if you don't want a Web service.

Answer 4

Use a classic asp form on your page to pass using post, in child app pick up using request.form

Answer 5

Why could it not simply be passed as an encrypted query string?

The child app could decrypt it, validate it, and bob is your uncle.