Reputation: 11
How to share session and cookie between asp.net web form application and asp.net core application?
we have two projects in asp.net web form and asp.net core. we are planned to integrate these with session(in one domain). my search showed in .net core only method for outproc are sql server and Redis. It seems not to be supported state server in .net core. is that right?
we were tested sql server session state but donot work right, asp.net core save session data in table with name SQLState but in asp.net save session data ASPStateTempSessions. thus session cannot be share between them.
have everybody a full sample for share Session object between ASP.NET (4.6 or higher) and ASP.NET CORE?
Upvotes: 1
Views: 2542
Answers (2)
Reputation: 1613
I don't know if it's possible. ASP Web Form and ASP Net Core have different architecture.
Alternatively, if you want to have shared resources between projects, you could create web service for both.
For example. If you want to have Cross-Domain and Cross-Platform Single-sign-on, you could do this scenario:
All of the projects would need to authenticate to www.sso.com to check the login between apps.
We need Authenticate web service to check the shared authentication. And we could share other data for all authenticated users.
Here is a detailed explanation and sample project:
https://www.codeproject.com/Articles/114484/Single-Sign-On-SSO-for-cross-domain-ASP-NET-appl-2
Upvotes: 0
Reputation: 239400
There's more to this than just the store. You're correct that ASP.NET Core does not support State Server (at least out of the box), so you will likely need to move to something like SQL Server or Redis, regardless.
However, the bigger issue is encryption/decryption. ASP.NET and ASP.NET Core employ entirely different methods of cryptography. ASP.NET uses a "machine key", where as ASP.NET Core use data protection providers and a key ring. Even assuming a shared session store, unless you get them speaking in the same language here, you won't be able to decrypt what was set by one from the other.
In that regard, though, you might be out of luck. ASP.NET MVC 5 supports OWIN and the data protection infrastructure in ASP.NET Core is OWIN compatible, so if you set up your ASP.NET app to utilize data protection providers and you share the same session store, key ring store, and application name, then they can view each other's cookies. However, I don't think Web Forms participates in this, even if you embed them in an MVC 5 app. As such, there's probably no way to share the session store between the two. Still, you can give it a go, I suppose. The worst that can happen is that it won't work, and you're right back where you are now. The ASP.NET Core docs cover how to set everything up.
Upvotes: 3
Related Questions
- Session sharing between Asp.Net Webforms and Asp.Net Core
- Authentication cookie sharing between ASP WebForms and ASP.NET Core MVC app
- share authentication cookie between .Net Core Web Apps
- Asp.Net Core - Prevent Session cookie conflict between same domain applications
- sharing asp.net 4 forms authentication cookie with asp.net core 2.0
- Sharing Cookies Between Two ASP.NET Core Applications
- Sharing session between .NET framework app and .NET Core Razor pages app
- Sharing authentication cookie among Asp.Net Core 1 (MVC6) and MVC 5 applications
- Shared cookie authentication between ASP.NET Core RC2 and .NET 4.5.1 apps
- Sharing login cookie between applications. ASP.NET Core