tags:

views:

302

answers:

2
+1  Q: 

Where are store SessionID on the client

I have a web site in ASP 3.0. This web site initialize authentication by session on the server, and retreive the id of the user in the session. A multiple clients access to the web site with no problem.

Some of them lost there session. I think is due to a client configuration with the sessionID token or someting like that.

Could some body tell me where are stored the sessionID on the client machine.

Thanks.

I read this post and just need to know what will be the name of the cookie ? Is it the same cookie that we can read/write in code ?

I try to find a way to identify, the sessionID storing on the client machine and the connected session on the server. Did a way to do that ?

+1  A: 

Session ID's can be stored in multiple ways on the client but it's the server configuration that specifies the exact way. If possible, cookies will be used. Otherwise, the session ID might be part of the URL or be part of the web page itself as a hidden form variable. Also, session ID's are often created to time out after a while. If a user isn't contacting the server within e.g. 20 minutes, the session expires and a new session would be required.

Workshop Alex  2009-09-08 20:52:06
+1  A: 

The server allocates a session and stores its ID in a cookie, known as the session cookie. The ASP Session cookie has this format:-

ASPSESSIONIDACSSDCCC=APHELKLDMNKNIOJONJACDHFN

Note that last 8 characters in the name of the cookie will vary from one instance of your application to the next. Hence to even discover the cookie you need to enumerate all the cookies looking for any that match the pattern ASPSESSIONIDxxxxxxxx.

I'm not sure what you could usefully do with this cookie once you have acquired it.

AnthonyWJones  2009-09-09 11:26:36
Thanks for your answer. The goal is not to do something with the cookie, but validate why my client create a new session on the web server after about 1 min.
Cédric Boivin  2009-09-09 12:15:22
Are you storing alot of information in your cookies? Cookie storage is limited (to about 4K I think) after that its a firsts in first out system so its possible for you session cookie to pop off the list. Classic of this happening it with a big old tree view control that stores the state of the tree in a cookie, if its too big the browser bins other cookies to try to accommodate it. Nasty.
Pete Duncanson  2009-09-09 12:40:15

related questions

IE6 security login (debugging via VirtualPC)
Asp.net Reinstalling a DLL into the GAC
Failed to load resources from resource file.
What does an IISReset do?
How do I secure a folder used to let users upload files?
VBScript/IIS - How do I automatically set ASP.NET version for a particular website
IIS 6/COM+ hangs
Web server farms with IIS ? Basic Infos
.NET 3.5 Service Pack 1 causes 404 pages on ASP.NET Web App
What Url rewriter do you use for ASP.Net?
Publishing to IIS - Best Practices
ASP.NET Proxy Application
PHP on IIS
How do I stop IIS7 dropping my cookies?
HTTPS in IIS 5.1
Best tool for performance testing ASP.NET
Alternative Hostname for an IIS web site for internal access only
SQL Server 2008 FileStream on a Web Server
Solutions for working with multiple branches in ASP.Net
Dual vs. Quadcore on a Webserver
PHP Error - Uploading a file
Visual Studio 2008 debugger already attached work-around
Linux shell equivalent on IIS
Bandwith throttling in IIS 6 by IP Address
Checklist for IIS 6/ASP.NET Windows Authentication?