#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2003
    Posts
    2
    Rep Power
    0

    cfhttp and keeping session id's


    Hi, I have some coldfusion which does a CFHTTP to another page on another server. The other page is in ASP which also uses a COM object. The COM object relies on a constant SESSIONID.

    If I use cfhttp then the session id in the ASP script changes every time because CFHTTP is a new session each time it is used the next time around (that is the coldfusion page has a link to itself which calls the CFHTTP again).

    I've tried using CFHTTPPARAM to set type CGI name SESSIONID to change the HTTP_SESSIONID in the header, but this has no effect on the session id (retrieved in ASP using session.sessionID) though it comes back using request.servervariables("http_sessionid") but again, the COM object only see's what the ASP sevice has identified as the current Session ID and not what came in the header.

    Does anyone have any solution. It's pretty urgent so any help would be greatly appreciated!

    Cheers,
    Craig.
  2. #2
  3. No Profile Picture
    Moderator

    Join Date
    Jun 2002
    Location
    Raleigh, NC
    Posts
    5,269
    Rep Power
    968
    Can you not just pass the ASP Session ID in the URL that you are using in the CFHTTP call?
  4. #3
  5. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2003
    Posts
    2
    Rep Power
    0
    That was pretty much what I thought I was doing, but I had the whole situation confused. I solved it because I realised that ASP uses a completely different format of SESSION ID in two ways, i.e. session.sessionid brings back a different ID to that supplied through the HTTP Header and the cookie ID.

    Simply put, if I set the sessionID being passed to ASP as a cookie then the ASP uses that, if I dont supply one, ASP creates one, which you can recover in CFM by looking at the returned header after the CFHTTP.

    So to solve it, I had to do a call to a pretty much empty ASP script using CFHTTP, that returns a http header with a new cookie with the session ID (found by looking at the cookie "SET-COOKIE" and extracting the cookie marked ASPSESSIONIDblah blah..
    Now I have it, I then use CFHTTPPARAM of type cookie on my next call to the real ASP script I want. The ASP script picks this up and so does the COM object which needs it.

    On the next time to the first CFM page, I just check if I need a new cookie/sessionid or not and dont do the initial CFHTTP if it's not the first time around.

    I got to be fair, though it works it is completely full of server overheads and would make more sense if it the ASP was converted to CFM in this case, but I dont have that luxury at the moment.

    Thanks for the suggestion

    C.

IMN logo majestic logo threadwatch logo seochat tools logo