Handle session variable problems between classic ASP and ASP.NET web applications

Introduction

In this article, I am going to talk about how to create a bridge between a classic ASP website and an ASP.NET website. If you are trying to migrate a website from classic ASP 3.0 to the newer ASP.NET, but keeping some functionality in the classic ASP website and some with newer .NET version, you will be in trouble when maintaining session variables.

As you will find out, the browser creates two different session baskets for classic ASP 3.0 and ASP.NET. Even though they will be residing on the same server, the browser will treat them differently. So, when you want to share session variables between these two technologies, you cannot do it simply over the web browser. There are several solutions to this problem. Using a database involves a lot of complexity. So, I prefer not to go with that route. Here, I have tried to solve the problem using cookies. I haven't found a better solution than this. If you have a better answer, please feel free to correct me. I will readily accept your suggestions.

Background

Sometimes, we are required to keep web applications that are in classic ASP along with new ASP.NET version. In this situation, session variables are a critical factor since the browser handles the variables as different session variables of two different applications. We need some mechanism to conquer this problem in a simple way.

Using the code

Before you do anything, you have to consider the flow of your web application. By that, I mean you have to consider what point of time your application will make the jump from classic ASP to the new ASP.NET pages. Once you make that judgment, you are ready to rock. You can create session variables at any point of your web application. Create an ASP page for creating cookie variables for your ASP.NET pages.

The Session_to_cookies.asp page looks as follows.

<% 
If Session("loginValid")<>"true" Then
            Response.Redirect "adminlogin.asp"
End IF
 
Response.Cookies("sessionInfo")("LoggedUserID")= Session("LoggedUserID") 
Response.Cookies("sessionInfo")("LoggedfirstName")=  Session("LoggedfirstName")
Response.Cookies("sessionInfo")("LoggedlastName")= Session("LoggedlastName")
Response.Cookies("sessionInfo")("loginValid")= Session("loginValid")
%>

Whenever your application makes the jump, the page will be redirected to this newly created page which will create cookies for session variables which are essential for the user. These cookies will be then grabbed by ASP.NET. Using these cookies, create new session variables as required by the browser for ASP.NET.

Following code for your maser page helps to set up the session and delete the cookies:

public partial class masterPage : System.Web.UI.MasterPage
{
    protected void Page_Init(object sender, EventArgs e)
    {
        if (Session["loginValid"] == null)
        {
            if (Request.Cookies["sessionInfo"] != null)
            {
                HttpCookie myCookie = Request.Cookies.Get("sessionInfo");
                myCookie.Name = "sessionInfo";
 
                Session["loginValid"] = 
                  Convert.ToBoolean(myCookie["loginValid"].ToString());
                Session["LoggedUserID"] = 
                  Convert.ToInt32(myCookie["LoggedUserID"].ToString());

                myCookie.Expires = DateTime.Now.AddDays(-1);
                Response.Cookies.Add(myCookie);
            }
            else
            {
                Response.Redirect("../session_to_cookies.asp");
            }
        }
    }
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["loginValid"] == null)
        {
            if (Request.Cookies["sessionInfo"] != null)
            {
                HttpCookie myCookie = Request.Cookies.Get("sessionInfo");
                myCookie.Name = "sessionInfo";
 
                Session["loginValid"] = 
                  Convert.ToBoolean(myCookie["loginValid"].ToString());
                Session["LoggedUserID"] = 
                  Convert.ToInt32(myCookie["LoggedUserID"].ToString());
                myCookie.Expires = DateTime.Now.AddDays(-1);
                Response.Cookies.Add(myCookie);
 
            }
            else
            {
                Response.Redirect("../session_to_cookies.asp");
            }
        }
    }
}

Once these session variables are created, delete the cookies using ASP.NET. Every time you make the jump, it should be redirected to the page that sets the cookies for the session variables. Cookies values can then be checked on the ASP.NET page, which can then either directly delete the cookies or create a session for it, as required.