locked
Keep Alive functionality between two applications which are present cross domain RRS feed

  • Question

  • User1825960689 posted

    I want to implement keep alive functionality between two applications which are present cross domain.

    Scenario - We have two applications - application1 implemented in asp.net and application2 implemented in asp.net MVC. Application2 is opened from application1 using single sign on functionality in new IE window or in new tab. Now, we want to keep alive application1 still user is present in application2.

    Problem - We are able to implement this using same domain as same domain shares same Asp.net_SessionId. But when we set these applications on different domains, we don't get same Asp.net_sessionId. When we refresh the application1 from application2 after particular interval to keep the application1 alive, we get the new Asp.net_sessionID in application1. So the application1's session time is not refreshed.

    We don't want to use IFRAME as well cache to resolve this issue.

    Please provide the solution.

    Web Application1 code(which is calling application2 to keep alive) -

    KeepAliveSSO: function (thirdPartyurl, time, postflag) {
    thirdPartyurl = "http://localhost/WebApplication1/KeepAlive.aspx";
    var _intTime = parseInt(time);
    if (thirdPartyurl != null && thirdPartyurl != "" && time != null && time != "" && _intTime > 0) {
    _intTime = parseInt(time) * 60 * 1000;
    if (postflag == true) {
    alert('test');
    var _date = new Date();
    var _url = thirdPartyurl + "?q=" + _date.toUTCString();
    var result = $.ajax({ type: "POST",
    url: _url,
    async: false,
    datatype: "json",
    global: false
    });
    }
    setTimeout(function () { dvwscript.KeepAliveSSO(thirdPartyurl, time, true) }, _intTime);
    }
    }


    Application2 code - (KeepAlive.aspx.cs)

    protected void Page_Load(object sender, EventArgs e)
    {

    string cookieName = FormsAuthentication.FormsCookieName;
    Response.AddHeader("Expires", "Mon, 26 Jul 1997 05:00:00 GMT");
    Response.AddHeader("Cache-Control", "no-cache, no-store, must-revalidate, max-age=0");
    Response.AddHeader("Pragma", "no-cache");
    Response.Cache.SetLastModified(DateTime.Now);
    Response.Cache.SetExpires(DateTime.Now.AddDays(-7));
    Response.Cache.SetMaxAge(new TimeSpan(0));
    Response.Cache.SetCacheability(HttpCacheability.NoCache);
    Response.Cache.SetNoStore();
    string authorizationCookie = string.Empty;
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(cookieName, // user name
    false, // create time
    20 // expire time
    ); // user data
    authorizationCookie = FormsAuthentication.Encrypt(ticket);
    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, authorizationCookie);
    Response.Cookies.Add(cookie);

    }

    Application2 is connected to application1 using Single sign on (Microsoft Identity Model's federation authentication is used)

    Requirement: We want to keep alive application2 from application1 where application1 and application2 are in different domain.

    Tuesday, March 17, 2015 7:22 AM

Answers

All replies