Classic .ASP and .NET .aspx web pages in one ASP.NET Web app

Question

We have an old web app written in classic ASP. We don't have the resources to rewrite the app.

I know that asp and aspx pages can coexist in the same ASP.NET web app, but it appears as those you cannot share Application and probably Session variables across these two groups of page extension types.

I was hoping to do new development in ASP.NET and to in theory, convert the Classic ASP pages over as we go.

Is there a way to share IIS variables across these two types of web pages (aside from passing information using the query string and forms fields)?

Answer 1

I just went through this. My solution was to wrap it all in a nodejs app. I dole out JWT tokens from .NET web API that have all the users claims encoded in the payload. This token gets stored in a cookie on the client. The cookie will automatically get submitted on each request to your domain so all you need to do is read the cookie value from the header and decode the payload (in ASP.NET and Classic ASP independently). Once you read the contents, you can simply set the session variables to match those that were embedded in the JWT token.

I prefer this method because it has 0 database synchronization necessary and moves your application to OAuth2 openid and away from session.

Answer 2

Well I just have faced this problem, and want to tell you that just were able to solve it in one way. The solution was relatively easy and actually depends on your original development, in my case the system flow requires to log-in in a default.aspx page and after validating the user/password are correct the page Init.asp is executed and exactly there many session vars are created and loaded (actually are just the minimum needed) after that the last instruction redirects the user to mainmenu.aspx and form that page we call .aspx and .asp files.

This solution worked for me just because of the election the original developer made when designed this ASP 3.0 application and as you can imagine I can't retrieve those values in the asp.net pages.

Answer 3

I have seen another solution aside from using the database as shared session holder. I should say beforehand that using the database option is probably much better than this. But...

You can create an ASP page whose only function is to store into and retrieve from the ASP session state. From your ASPX page you can make a webrequest to your ASP page and return any session information in the header, querystring, or even do a scrape of the restulant load. Alternatively you can return an XML stream and make a poor man's web service.

I addition, you could get session state from ASP.NET by doing the opposite and making a .NET page that access session info and returns it.

It's not a good idea and fraught with security problems. I have seen it done is all I'm saying. It's really probably best to rely on the database and possibly pass session ID around.

Answer 4

There is no straigthforwad solution for sharing session variables between classic ASP and ASP.NET. I would recommend you to persist sessions into a database, like it is described in this Microsoft Article. This way both ASP and ASP.NET can access session variables.

Answer 5

The only ways to pass this data would be GET/POST values, cookies, flat file, or storing the data to the database. There is nothing "Built In" to the .Net framework to do this.

Answer 6

You could create a simple table in your DB to store the "session" info in. Both the classic asp and the .net pages could read and write there.

Answer 7

Not a direct way. You could consider using a shared database backend for your session state.