Sharing Session state between JSP and ASP.NET

Mauro recently posted an entry about how to share session state between an ASP (legacy) and an ASP.NET site.  Essentially:

Generate a GUID in the ASP site, store it in a database table together with the userid and other required information, including expiration time (say, 10 seconds). Then redirect to the ASP.NET site with the GUID in the URL (QUERY_STRING). The ASP.NET reads the GUID from the QUERY_STRING, retrieves the data from the database, stores in session variables or whatever mechanism you are using, checks the expiration and deletes the record. It’s important that the GUID be used only once and within a small time window.

This of course works between JSP and ASP.NET as well. Or PHP and ASP.NET, etc.

There's just one small challenge. How difficult is it to create a GUID in JSP? It's not built-in to Java, as far as I know. [editor's note: Java 1.5 added a new UUID class, see comments.]  But there are various utilities published that can do it. Of course you could just have the JSP page do an HTTP invoke (plain-old-XML or POX style) on an ASPX page that calls System.Guid.NewGuid(). That works too.

In any case, an elaboration of this simple model should work for you, for sharing session information across JSP and ASP.NET. This is a design pattern that has been validated by many customers as they migrate systems from JSP to ASP.NET.

Comments (3)

  1. navdeep says:

    hi ! appreciate your information but need more information for seamless communication between jsp and asp

  2. wsq says:

    QUERY_STRING is not good, it can be wiretapped.

    Use Cookie would be better.

Skip to main content