locked
why use session RRS feed

  • Question

  • User-2034105282 posted

    I am beginner in c#

    Now I am creating web application in C#. 

    I have created login form and I have used session,code is  used below

    Session["User"] = txtuse.Text;
     Session["Pass"] = txtpa.Text;
      Response.Redirect("~/sessionweb2.aspx");

    I was thinking  each user have single separate session id but after the execution I saw every time come diff session Id

    so can any one explain What is use of session.

    and another thing How to keep each user information separate. Now I am thing I  have to keep user information separate using primary key. 

    I am using session mode= sqlserver .

    Friday, September 11, 2015 1:47 AM

Answers

  • User-821857111 posted

    You shouldn't use session to manage authentication. There are specific frameworks for that purpose already.

    Each user will have a separate session. I don't understand what it is that you think you saw, where you saw it or what you expected to see instead.

    Why are you using session mode = sqlserver? Are you hosting your application in a web farm?

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, September 11, 2015 2:31 AM
  • User753101303 posted

    Hi,

    As long as nothing is stored in the session, the session id will change again and again. Each user session have its own set of session variables.

    That said authentication is already handled by ASP.NET so User.Identity.Name would give the user name and storing a password for the whole duration of a session doesn't seems to make sense (it is best for small, user scoped data you'll use very frequently so not for a user name which is already provided when using ASP.NET built in authentication or for a password that seems usefull only at log time).

    For now my understanding is that session variable are not set. If I remember some browsers are not handling creating a session and redirecting (creating a session returns a cookie while redirect tells to go to another page so if you set a cookie and redirect at the same time, the cookie might be not carried over to the next page). What is your browser?

    Ah: found https://support.microsoft.com/en-us/kb/176113 it would actually depend on your web server. Do you still use IIS6 ?

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, September 15, 2015 7:10 AM

All replies

  • User-821857111 posted

    You shouldn't use session to manage authentication. There are specific frameworks for that purpose already.

    Each user will have a separate session. I don't understand what it is that you think you saw, where you saw it or what you expected to see instead.

    Why are you using session mode = sqlserver? Are you hosting your application in a web farm?

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, September 11, 2015 2:31 AM
  • User753101303 posted

    Hi,

    As long as nothing is stored in the session, the session id will change again and again. Each user session have its own set of session variables.

    That said authentication is already handled by ASP.NET so User.Identity.Name would give the user name and storing a password for the whole duration of a session doesn't seems to make sense (it is best for small, user scoped data you'll use very frequently so not for a user name which is already provided when using ASP.NET built in authentication or for a password that seems usefull only at log time).

    For now my understanding is that session variable are not set. If I remember some browsers are not handling creating a session and redirecting (creating a session returns a cookie while redirect tells to go to another page so if you set a cookie and redirect at the same time, the cookie might be not carried over to the next page). What is your browser?

    Ah: found https://support.microsoft.com/en-us/kb/176113 it would actually depend on your web server. Do you still use IIS6 ?

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, September 15, 2015 7:10 AM