从 Outlook 中托管的应用程序打开 IE 窗口时会话丢失

发布于 2024-08-30 18:58:00 字数 344 浏览 6 评论 0原文

ASP.NET 应用程序(实际上使用 Silverlight,但这并不重要)作为文件夹主页托管在 Outlook 中。在此应用程序中,有一个打开弹出窗口的链接,该窗口将打开一个单独的 IE 窗口,而不是在 Outlook 中。

问题是,在这种情况下,ASP.NET 会话似乎丢失了。对 ASP.NET 服务的调用在 Session 中没有任何内容,并且 Session._id 不同。我怀疑 Outlook 的 cookie 与 IE 不同。

从 Outlook 打开 IE 弹出窗口时如何保留会话?也许以某种方式通过 URL 传递会话 ID,或者在 web.config 中配置它?

请注意,我不想要无 cookie 会话。

An ASP.NET application (actually with Silverlight but it doesn't matter) is hosted in Outlook as folder home page. In this application there's a link to open popup window, which opens a separate IE window, not in Outlook.

The problem is that in this case it seems that ASP.NET session is lost. A call to ASP.NET service has nothing in Session and Session._id is different. I suspect that Outlook has different cookies than IE.

How do I preserve session when opening IE popup from Outlook? Maybe pass session id via URL somehow, or configure this in web.config?

Note that I don't want cookieless sessions.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

柠檬色的秋千 2024-09-06 18:58:00

我过去遇到过这个问题,但始终无法找到解决方法,因为 Outlook 中的浏览器运行在完全不同的进程下,甚至不是典型的 IE 环境。如果我记得的话,我也遇到过通过身份验证的问题。

当直接在 IE 中执行相同的行为时,它实际上使用同一会话打开另一个窗口。

要在 IE 中重新创建 Outlook 中发生的进程,只需打开 IE 窗口并转到您的应用程序。然后通过单击快捷方式(不是从当前 IE 会话中生成它)并将链接复制并粘贴到地址栏中来打开一个新的 IE 窗口。这本质上就是 Outlook 正在做的事情。

I ran into this problem in the past and was never able to find a way around it since the browser in outlook is running under a totally different process and it's not even a typical IE environment. I had issues with pass through authentication as well if I recall.

When the same behavior is done in IE directly, it actually opens another window using the same session.

To recreate the process in IE that is occurring in Outlook just open an IE windown and go to your app. Then open a new IE window by clicking the shortcut (not spawning it from the current IE session) and copying and pasting a link into the address bar. This is essentially what Outlook is doing.

粉红×色少女 2024-09-06 18:58:00

我会尝试从 Outlook 的 url 中传递用户的 ASP.NET_SessionId cookie 的值,然后在 IE 中打开的页面上检查 url 上的该值,并在加载页面之前在响应中复制 ASP.NET_SessionId cookie(也许在为请求加载会话之前的 IHttpModule 中)。

我不能 100% 确定这会起作用,以防 ASP.NET 有一些内置的会话劫持安全性,这会阻止您以某种方式手动复制会话 cookie,但这就是我要开始的地方。

I would try passing the value of the user's ASP.NET_SessionId cookie in the url from Outlook, then on the page that's opened in IE check for that value on the url and duplicate the ASP.NET_SessionId cookie in the response before loading the page (perhaps in an IHttpModule before the session has even been loaded for the request).

I'm not 100% sure this would work in case ASP.NET has some built-in session hijacking security in place that would prevent you from manually duplicating the session cookie somehow, but that's where I would start.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文