I'm working on a site that has a requirement to share session between a cms application and an online store application on the same domain eg.
mydomain.com
and
store.mydomain.com
I've made some progress with it and it works on my local build between
localhost/cms
and
localhost/store
Basically I have done what is suggested in this article
and hacked the TempGetAppID Stored Procedure to return the same application id (1). This appears to work as it creates sessions with ids like 'abv5d2urx1asscfwuzw3wp4500000001', which is what I'd expect.
My issue is that when I deploy it to our testing environment, it creates a new session when I navigate between the 2 sites. So when I start a session on the cms site, if I navigate to the store, it creates a new session. These are set up as 2 different websites in IIS7.
In the web.config files for both sites, the and elements are both the same and are as follows (minus sensitive information)
Has anyone got an ideas why this might not be working? I am sharing Forms Authentication across the 2 sites and that works fine. Any help or ideas would be greatly appreciated!
Many thanks
Dave
Persist all session data on the SQL-server, using the session-ID as key. Then use a cookie containing the session-ID that points to
.mydomain.com
so it will be available on both sub-domains.This article at 15 seconds covers the subject and even shows a technique to share sessions across completely different domains.
It appears the issue we were having was that the session cookie domain was being being set differently on the 2 applications. This meant that each application generated it's own sessionId.
We added
<httpCookies domain=".ourdomain.co.uk" />
to our web.config and that seems to have solved it. Thanks for hte help, hope this helps someone else in the future.