Is there any relationship between anonymous session ( which enables temporary profile ) and …?

Question

Hello,

1) Is there any relationship between anonymous session ( where random identifier is generated for anonymous user, which enables the use of temporary profiles for unknown users) and a Session state?

2) If anonymous user is authenticated we need to clear anonymous identifier so that MigrateAnonymous event won't fire again. But why isn’t Asp.Net able to detect that now user is authenticated ( since it now has authentication cookie ) and thus doesn’t send anonymous cookie back to browser?

thanx

Answer 1

1. No. Anonymous identification uses its own cookie. It's unrelated to session state.

2. For example an anonymous user might have done some customizations to the application. You might want to store the customization info for him/her as soon as he registers on the Web site. If it destroys the cookie at the time of authentication, you'd lose access to the actions he/she had done.

UPDATE (in response to the comment):

While from a purely technical perspective, it's perfectly possible to remove the cookie automatically, I think they had done this to make this step explicit. For example, if for any reason, you want to defer the migration to the next request, you can do that. The other point I can think is that AnonymousIdentificationModule is a completely different entity from ProfileModule. None of them require the other one to do the job. You could have several different custom per user customization modules that would work with anonymous identification. ProfileModule is just one of them (and note that MigrateAnonymous is controlled by ProfileModule and not AnonymousIdentificationModule). So, design-wise, ProfileModule shouldn't touch the anonymous identification cookie. AnonymousIdentificationModule could possibly intercept the request at some time and delete the cookie itself if it wanted to but that would reduce flexibility and you would have lost data if you haven't migrated it.