mysite -> 3rd party -> mysite, session *sometimes* lost

[Michael Teter <mt...@1scom.net>]

Howdy.

I've got a site I am interfacing with PaySystems.com (credit card 
processing).

For some users (Internet Explorer, same or very similar version, default 
settings), when they return to my site after doing the credit card dance 
on the paysystems.com site, they get a new session.

I can't figure out why some do and some don't.  The way PaySystems 
works, after the user gives ccard info, and assuming it is accepted, 
PaySystems then forwards the user back to my site, along with a bunch of 
GET parameters that describe the order.  But some users arrive back at 
my site and are given a new sessionid, and so there's no context, and my 
system is rejecting their attempt to visit the page.

I can go into lots more detail if necessary.  Does anyone have any ideas 
right away?

Thanks very much.

MT

Re: mysite -> 3rd party -> mysite, session *sometimes* lost

[Christopher Williams <cc...@ntlworld.com>]

I'm guessing that you redirect to the credit card processor's URL, supplying
your own URL as a GET parameter.  Try calling response.encodeURL() on your
own URL before supplying it so that the session ID is appended.

If it still doesn't work, you need to work round it by persisting the
current session state, adding some ID as a GET parameter to your own URL (be
sure to call URLEncoder.encode() on the query string) and then repopulating
the session when you're called back.