Problem getting cookie to be recognized by server



I am unable to pass along a simple Cookie obtained from a HttpWebRequest
call (Machine A's ASP.NET app) so that another Web Server (Machine B)
recongnizes the cookie.

I have performed the exact steps [I am trying to do programmatically] by
entering the URLs into the browser (IE). In this case, everything works.

I have used TcpTrace to monitor the traffic, and have verified that the
Cookie is set in both cases, but the ASP.NET case is doing all POST(s),
whereas the simple URL entering is GET(s). Could this be part of the
problem? I have listed the details below - in case anyone has run into this
type of problem and got it working.

Thanks in advance for any help,
Bob DeRemer
(e-mail address removed)

I have a fairly simple scenario [at least I thought so]. I have a simple,
two machine setup with the following configuration:

MACHINE B [IIS + ServletExec ISAPI DLL for running our java code]

* both on the same domain
* ASP.NET app (on Machine A) programmatically calls a login page against our
own Java ServletExec code (on Machine B) to authenticate - via
* ASP.NET app (on Machine A) takes the cookie from the previous call's
HttpWebResponse and sets the this.Page.Request.Cookies collection [in the
hopes that all future page requests will pass along the cookie]
* ASP.NET app (on Machine A) also has an IFrame element whose src attribute
goes to Machine B



Steven Cheng[MSFT]

Hi Rss,

From your description, you have two servers and each one hosts a certain
web application, one is ASP.NET web app and another is java servlet based
web app. Currently, you are trying to use HttpWebRequest to request a login
page in the java web app and then retirve back the authentication cookie
and set into the web application's cookie colleciton for sequential
use, yes?

As for this problem, here are some of my suggestions:
1. Generally, a cookie item has a Domain attribute which distingish it
between different applications and a path attribute which can distingish
them in the same domain. Also, the ASP.NET, CLASSIC ASP and JSP/Servlet may
have different behavior on manipulating cookie's certain attributes. So the
cookie you retrieved from the jsp/servlet web app may not able to be
directly used in application (such as store to the web
app's client and retrieve it back again). We'd better retrieve back the
cookie from jsp/servlet web app and then still use HttpWebRequest and
reattach the cookie and visit the jsp/servlet web app.

2. Also, in , if we want to store cookie to its client, we have to
use the Response.Cookies collection rather than the Request.Cookies
collecton. the Request Cookies collectidon is the cookies retrieved from
the clientside but not the ones that will be stored again to client.

Here are some tech articles on cookies in
#Basics of Cookies in ASP.NET



Steven Cheng
Microsoft Online Support

Get Secure!
(This posting is provided "AS IS", with no warranties, and confers no

Get Preview at ASP.NET whidbey


Thanks for the reply, and yes - you are exactly right on your summary of
what I am trying to do. I noticed the behavior your are talking about
with respect to Domains, and was trying to set all HttpCookie properties
from the Cookie retrieved from the HttpWebResponse object, but it was no
use. While I could see the Cookie in HTTP header [via TcpTrace], the
Servelet side did not apparently recognize it.

Two interesting NOTEs on behavior:

1) if I ran this such that the ASP.NET application AND the Java servlet
code where running on the same machine, and in the same IIS context
(i.e. same machine and under the same root path) - it works fine!

2) if I run my ASP.NET app that programmatically hits the Java Servlet
and grabs the JSESSIONID cookie, then enter the URL to the page on the
Servlet machine that requires the cookie - BUT hit it via the TcpTrace
redirect [which is tunnelling through the ASP.NET machine], it works.
If I enter the direct URL, it does not work - for example:

WORKING EXAMPLE [enter http://aspdotnet:8080/test.irpt and the cookie I
got is recognized in the page] FAILING EXAMPLE [enter
http://servlet_machine/test.irpt and the cookie is NOT recognized UNLESS
I first hit the login page via the same path (i.e.

I will gladly try the first suggestion (i.e. HttpWebRequest against the
URL that is being set as the IFRAME src attribute), but I'm not sure how
to handle the result of executing the request. How do I take the
resulting response stream and actually set it in an IFRAME or similar
construct? I need the Iframe because the resulting code has embedded
APPLET tags, etc. - unless there is another way to render this so the
result HTML block is isolated from the rest of the page.

Thanks in advance for you help,

*** Sent via Devdex ***
Don't just participate in USENET...get rewarded for it!




Got the problem solved. It turned out to be a domain problem. I was not
specifying fully-qualified domain names for the two respective machines
(i.e. and That made the
difference. After issueing all URL(s) with the fully domain name (i.e., then using just as the
cookie's domain property, it worked.

Thanks for the suggestions, however, it helped me narrow in on what I
suspected the problem was.


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question