I am developing an IP phone web application in c# .net 2.0 using IIS version 5.1.

When the IP phone is turned on it Gets the default.aspx page. I use Server.Transfer on the server and then I send the response, which is used to show a login screen on the IP phone. In the response I have set a cookie, which the phone should send back to the web application when doing a new requst. The problem is that the phone never sends that cookie in the next request.

When the phone is doing a requst I see that the http header contains "Connection : Close". I believe this setting should be set to "Connection : keep alive" to make the phone return back the cookie on every requst?

The problem is not that I use too large cookies. I am able to set the cookie and I can see that this cookie is sent to the phone. This is the httpheader sent to the phone:

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.1
Date: Wed, 02 Jul 2008 09:43:42 GMT
X-Powered-By: ASP.NET
Connection: close
X-AspNet-Version: 2.0.50727
Set-Cookie: model=C7921; expires=Wed, 02-Jul-2008 12:13:42 GMT; path=/
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Content-Length: 1516

I belive that the httpheader should be set to Connection:keep-alive and not Connection:Close. The problem is that every request from the phone contains Connection: close, which is used to tell the web-server to close the session. Is there a way to change the httprequest from the cisco ip-phone to Connection: keep-alive?

Thank you, David for your answers.

I'am using Cisco IP Phone 7940 with App Load ID = P00307020400.

When I let Asp.net 2.0 generate the cookies for me I get the following results.

The phone request the default.aspx and sets the following cookie:
ASP:NET_SessionID = "aerozx55dq24xmnqwhuls5mr"

I do a Server.Transfer to the login.aspx, generate a respons and the login page is shown in the display. When I hit the submit button the phone makes a requst to Authenticate.aspx. What I see is that the Session Id has changed:

ASP:NET_SessionID = "hwxwzeufosxwjbihmnmxs355"

When I use Cisco IP Communicator installed on my PC I do not have problems with sessions at all.

I am using EffeTech HTTP Sniffer so I can see what's inside every http request and response sendt to and from the IP Phone. Therefore I do not believe it's necessary to use WireShark.

I have done som more testing and this is what I have come up with:

When I push the Services button, the phone requests the default.aspx page. After Server.Transfer(Login.aspx), the login page shows in the display. I can see that asp.net_sessionId in the response is included in the HTTP header. When I push SoftKeyA (submit), the Authenticate.aspx is requested. And this request contains a new sessionId. This sessionId is persistent when navigating all other pages.

Every time I push the services button a new sessionId is generated, but everytime i push the submit button on the login page (first page shown on the phone), I get another sessionId and this sessionId is always the same, but different from the sessionId generated when requesting default.aspx. Strange?

The cookies lives within the same scope by domain.

I have captured the packets using WireShark. I would appreciate if you could have a look at .pcap file, and give me any comments.

Rename Cookie_Problem_HTTP.txt to Cookie_Problem_HTTP.rar

Thanks a lot for your interest in helping me.

I tried to attach the file, but I gess it didn't work. I have now uploaded the file to the ftp server.

Thanks.

Edited by: Kenneth Aasgrav on 07.jul.2008 03:48