I read thousand of doc but nothing work for me.
1) What I want : on my server-side I used the following variable :
2) When I changed the subdomain
www.myDomain.com/myPage.aspx OR myDomain.com/myPage.aspx OR myUser.myDomain.com/myPage.aspx
My problem : I loose the Session data when I go from one of those domain to another.
3) I want to keep the session-state only with cookie and inproc mode :
<sessionState mode="InProc" cookieless="UseCookies" cookieName="myDomain.com" timeout="10000"> </sessionState> <authentication mode="Windows"/>
I added in the web.config :
<httpCookies domain="myDomain.com" />
<httpCookies domain=".myDomain.com" />
<httpCookies domain=".myDomain.com" httpOnlyCookies="true" />
Pero nada funcionó.
Gracias por cualquier consejo.
preguntado el 16 de mayo de 11 a las 19:05
Short answer, you can't fulfill all of your criteria.
- Redirect any request with an incoming domain of "xxx.myDomain.com" to a common "www.myDomain.com". This may involve changing "myUser.myDomain.com" to "www.myDomain.com/default.aspx?&user=myUser". Because it's a redirect, your user will see the address in his bar change, and will therefore gain some knowledge of the sausage-making behind your website (useful to attackers).
- NEVER refer to your domain explicitly from within your own site. All URIs should be relative to the root of your web structure. This should allow you to avoid changing domains and thus losing your session state.
- Use SQLServer to manage session state: http://support.microsoft.com/kb/2527105. This will require changing your session handling from InProc with cookies to SQLServer, as well as some other config changes.