I have to implement a PHP Web site that performs queries to an already existing SQL Server database and displays the results. Since the Web site's server will be a Linux box, what I will actually do is implement an ASP.NET Web Service that acts as a proxy to the database (and will be obviously run on a Windows box), so the Web site's server will query the database through the Web Service only.

Users of the Web site will have to log in with an username and password in order to perform queries specific to themselves; as an example, think of a Web email client, which must obviously display the messages sent to or received by the user who has logged in only. Thus, I need to store session in my Web site's server. For security reasons, I will store session information in my Web Service's server, so, even if my Web site's security is compromised, it will be impossible to perform queries not related to the user who has logged in.

So my question is, how do I share session information between my PHP site and my ASP.NET Web Service?

EDIT: I know how the Web Service's code should look like.

[WebMethod(EnableSession=true)]
public bool login(string user, string pass)
{
    if (/* login validation */)
    {
        Session["user"] = user;
        return true;
    }
    else
    {
        Session["user"] = null;
        return false;
    }
}

[WebMethod(EnableSession=true)]
public string getStuff(/*string user,*/ string someOtherParam)
{
    string user = (string)Session["user"];
    /* more code */
}

So now my question is, how do I send session state information from PHP to my Web Service?

Originally asked by: Eduardo León on Stack Overflow