How to maintain session variables, going from http to https and back to http

I am a newbie in this area.

I am trying to process CC transaction using SSL. So I am going from http to https
but all my session vars (like ShoppingCartID, Login, etc ) are gone and https redirect
me to login page even though I am already login.
I am using DB to check the validity of the login and stored the login info in session:
Session{"login"] = true;
I tried using FormAuthentication, but it still does not work. I was thingking of using viewstate
but you have to pass it from page to page.
The way it works, a user can login to the site at anytime, and browse the products and add
to the shopping cart (I used session ID as the shopping cart ID). Once he is ready to check out, it will check whether the user has been login or not and goes to https.
But https losing all session variables and thought that he is not login and redirect him to login page.
What is the good way to solve this problems?
Any thought is appreciated.
Rob
0
simalaketek
8/1/2003 10:03:34 PM
asp.net.security 27051 articles. 1 followers. Follow

3 Replies
1628 Views

Similar Articles

[PageSpeed] 43
Get it on Google Play
Get it on Apple App Store

What about storing the login information (such as the shopper's GUID) in a cookie?
0
russnem
8/2/2003 8:34:11 PM
I have not tried it yet, but I think session variables are using cookies to stored the information. Because I notice that a cookie is created when I go to the site.

Is there any other way than using cookie?
Thanks russnem for your suggestion.

Regards,
Rob
0
simalaketek
8/4/2003 2:47:32 PM
I did exactly what you're talking about for several stores by using the cookie approach. I would recommend that you give it a try.
0
russnem
8/4/2003 3:07:41 PM
Reply: