views:

447

answers:

2

I have a shopping cart website running classic ASP that needs help during the checkout process. When a user is ready to checkout, they are redirected to an SSL version of the site.

Response.Redirect "https://mysecuresite.com/beginCheckoutProcess.asp"

When the jump occurs, the customer starts a new session when they arrive at the SSL version of the site. This means that the contents of their cart are lost, leaving them with a terrible experience on the site.

Is there a way to maintain the same ASP session across the jump to SSL?

A: 

Have you tried setting a cookie and storing it on both ends? Then you can recreate the session on the other end.

Daniel A. White
+1  A: 

If you keep the subdomain same it'll just work.

dr. evil
It looks like that was the case. Users were coming to our site without a www subdomain, and we were redirecting them to a hardcoded www subdomain SSL version of the site.Thanks!
Jeff Fritz
welcome :), For the sake of security take a look at "secure cookies". Depends on the application you might want to implement that, so you can secure your SSL session.
dr. evil