tags:

views:

763

answers:

2
+3  Q: 

.NET MVC and securely passing data between pages

a little background info first. I have been using Web Forms for most of my career and have recently become interested in .NET MVC. I realize that it is intended to be stateless, however, i dont understand how it is completely feasible. In a forms application, the user authenticates and I return a user ID and some roles which are then placed in that users session. When I need them, all I have to do is pull it out of session and I have it. From what I have read, session and MVC are mutually exclusive. Ive read that one can use TempData to pass values but it only persists for one page visit and then its gone. Is there a standard way that data can be "persisted" on an MVC site other than adding redundant code to every controller where i want to pass the data? Thanks in advance for any help!

+2  A: 

The ASP.NET MVC Framework is built upon the ASP.NET framework and as such, you can use Session state in ASP.NET MVC:

Session["MyVar"] = "SomeValue";
Praveen Angyan  2009-06-03 16:54:05
+3  A: 

I think there might be some confusion in terms here. What's truly stateless here is the HTTP protocol. ASP.NET WebForms was a technology developed to try and build a framework that "worked around" the statelessness of HTTP, and create a stateful web based application framework. That is why you see things in WebForms such as ViewState, which essentially carries the state of the application along the pipe.

ASP.NET MVC came along and took a different approach. It embraces the statelessness of HTTP. That's why there's no ViewState in MVC.

However, that does not mean that you are no longer interacting with stateful entities. The client machine (a browser for instance) is a stateful application, just as the server running the server side code (in this case IIS or whatever) is stateful as well.

Therefore, things that are on the server side are still stateful (like Session, Application, Cache), and you can still use them. Also, the client-side is stateful as well, which is why client-side scripting has become so powerful in recent years; people trying to take full advantage of the statefullness of the browser.

Joseph  2009-06-03 17:09:17

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?