rho
Posts: 85
|
| Posted: 05/26/2005, 11:57 PM |
|
Hi, I have been running a CCS website without problems for some time now at my provider (IIS server) and they just moved my site over to a new server.
Unfortunately now I CCS presents me with the login screen for every frame page (the site uses frames). As nothing has changed in the CCS site itself, I expect it to be a server configuration thing.
Has anyone had something similar which could point me in the right direction to solve this?
|
 |
 |
peterr
Posts: 5971
|
| Posted: 05/27/2005, 12:06 AM |
|
It could help to see this problem. Is the URL publicly accessible - could you provide it?
_________________
Peter R.
YesSoftware Forums Moderator
For product support please visit http://support.yessoftware.com |
|
|
|
rho
Posts: 85
|
| Posted: 05/27/2005, 12:39 AM |
|
Hi peterr, unfortunately it is not publicly available - it is the backoffice functionality of a website. I could send you the login data, but not through this forum.
|
|
|
|
rho
Posts: 85
|
| Posted: 05/27/2005, 8:57 AM |
|
Hi, I've been puzzling about this - with no luck until now - and set up a standard CCS generated testsite with frames at http://www.boost-energy.com/frametest - all pages are restriced. It uses the CCS Internet example database, so you can login using admin/admin. The occurence of the problem is inconsistently as far as I can see: sometimes pages are redirected to the login page, sometimes not.
As I have this working without problems on my local server (IIS5.0), I suspect it to be a server side configuration. Any help/hints/directions very much appreciated!
|
|
|
|
rho
Posts: 85
|
| Posted: 05/27/2005, 9:19 AM |
|
And the server in question is IIS6.0.
|
|
|
|
peterr
Posts: 5971
|
| Posted: 05/27/2005, 10:16 AM |
|
Possibly this behavior was implemented in ISS 5 or 6 due to security concerns. Based on Microsoft support articles this is "normal".
For example:
http://support.microsoft.com/kb/q175167/
Quote :This method (using session variables) cannot reliably be shared between frames in a frameset or across multiple browser instances.
However, using sessions is the main way to store user's login information, thus in turn the above means that frames cannot reliably be used when using session variables.
Since this is an Microsoft IIS behavior, you probably would need to contact Microsoft to find some solution, or see what you can find on Microsoft support Website:
http://www.google.com/search?q=ASP+session+lost+frames+site%3Amicrosoft.com
From application point of view you could try modifying the Login code in Common.asp to use Cookies in addition to sessions, so that a cookie is created when a session is created, and a session is created when a cookie exists. Although I'm not sure if this will work with all Web browsers with their various cookie/privacy settings.
And other alternatives are not to use frames, or install your own Web server with an older version of IIS.
_________________
Peter R.
YesSoftware Forums Moderator
For product support please visit http://support.yessoftware.com |
|
|
|
rho
Posts: 85
|
| Posted: 05/27/2005, 10:32 AM |
|
Thanks! This is exactly what I needed to get going again. I'll post my experiences after finding the 'best' solution.
|
|
|
|
rho
Posts: 85
|
| Posted: 07/02/2005, 1:48 AM |
|
Ok, to finish up:
- The behavior is caused by IE6 as mentioned in http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q323752. For example Firefox works ok.
- None of the proposed solutions by Microsoft worked (for me).
- Eventually I implemented the proposed solution using cookies/sessions: when logging in (succesfully), I create a cookie containing session information. Then in CCSecurityAccessCheck() I modified the code to check for the values in the cookie.
|
|
|
|
|
