SessionID ISAPI Filter by Jenda@Krynicky.cz

Some bowsers and some people do not accept cookies so you have to find
another way to keep the Session ID if you need some persistency between
access to different CGIs/APSs. 

There are several places where you can insert the Session ID into the URL.

 1. In the query

     http://www.server.com/path/to/script.pl?ID=blahblahblah&...

  This way you have to take good care that you do not lose the ID. All
  links in the HTML you create must contain it. All static HTML pages
  must be scanned and all URLs changed ...

  It realy is a big hastle and it will decrease your server's performance.

 2. At the end of the path

     http://www.server.com/path/to/script.pl/blahblahblah?...

  This way you do not have the ID in the query, but in PATH_INFO system
  variable, but that's about the only difference.

  This solution suffers from exactly the same problems as the first one.

 3. At the BEGINNING of the path

     http://www.server.com/ID:blahblahblah/path/to/script.pl?...

  This way as long as you use relative links you do not have to care
  about the Session ID. It will be there without having to include it
  in script generated HTML, without a need to parse static pages.

  Of course this solution requires a filter into the webserver that will
  move the ID elsewhere before the server tries to map the URL to
  a physical path. Which is the task of SessionID.dll.

  This DLL filters all requests, leaves intact those that do not start
  with /ID: and modifies the ones that do.

  The DLL will move the value of ID: to variable HTTP_SESSIONID and
  pass on the URL without ID:... The server will then proceed as if the
  /ID:.../ was not there at all.

  Af course the Session ID has to be the FIRST item in the path.


As an example write a little script that prints all server variables :

        #!perl
        print "Content-type: text/plain\n\n";
        foreach $key (sort keys %ENV) {
                print "$key => $ENV{$key}\n\n";
        }
        __END__

If you access the script via this URL :

        http://www.myserver.com/cgi-bin/var.pl

You'll get a listing of all variables the server provides.

If you then go to this URL :

        http://www.myserver.com/ID:HelloWorld/cgi-bin/var.pl

you will get the same listing plus this line

        HTTP_SESSIONID => HelloWorld


INSTALATION
 If you run IIS/3.0 you have to start registry editor, open key
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters
 and add the path to this DLL into value
    Filter DLLs
 (This is a comma separated list of ISAPI filters.)
 Then you have to restart IIS.

 In IIS/4.0 or PWS/4.0 you use the Management Console to add filters.

Enjoy, Jenda