I'm going to ask a user to login first, then when I'm going to save information I'm going to have to save the information and associate it with the logged in user.
How should I handle this with session?
views:
36answers:
4
+1
A:
Why not use the ASP.NET Membership toolkit that's already integrated into ASP.NET? (well, integrated sorta)
drachenstern
2010-06-03 21:57:37
+1
A:
You could just use Response.Cookies http://msdn.microsoft.com/en-us/library/78c837bd.aspx
drachenstern
2010-06-03 21:58:28
A:
By default, Session uses memory storage on the server, and identifies the data using an identifier cookie.
You could optionally store everything in cookies, which is particularly useful if you have more than one web server. However, you shouldn't store sensitive data there.
BC
2010-06-03 22:02:19
Additionally, the Membership stuff in ASP.NET makes use of either cookies or session for just this thing based on settings in the web.config, so it's really easy to make changes later. But I added this to point out that @BC is right, don't put anything on the client (cookies) that you don't want them to have. + you can share sessions between servers if configured right (no, I don't wanna try it, but it can be done ~ Mostly due to you can use a database to store session info)
drachenstern
2010-06-03 22:09:17
A:
Web.Config for InProc session:
<configuration>
<sessionstate mode="inproc" cookieless="false" timeout="20"/>
</configuration>
VB for using session
Session("Key") = value
If you're only looking to store the UserName, I suggest using the ASP.NET Membership (http://www.4guysfromrolla.com/articles/120705-1.aspx). It will automagically take care of your authentication and give you access to a user's Identity whenever they send a request to the server.
Mike Cellini
2010-06-04 01:40:12
Actually I would suggest using the ASP.NET Membership Provider for your authentication regardless...
Mike Cellini
2010-06-04 01:40:53