I am using ASP.net for developing an intranet website. I need to hold the userid across all postbacks for all the pages in the website. Is it advisable to hold those information in Session or somether way is available.
+1
A:
FormsAuthentication is also capable of holding a custom userid, and solves a lot of things for you like setting the cookie, login page redirection etc.
You can set the userid using the RedirectFromLoginPage method and then use the FormsAuthentication_OnAuthenticate event to find and set the Page.User property, to access all the other logic you need.
GvS
2009-03-30 11:25:52
A:
The most common ways of doing this are using either the ASP.NET Session Object or using cookies.
Either way will work well, but if you wish for their user information to persist even after the session has timed out (such as the closing of a browser window), then you would want to look into cookies. Session information will be disposed upon closing of a browser, or the activity timeout has been reached.
TheTXI
2009-03-30 11:26:06
+/- 0: If using cookies, be sure to keep in mind that users can construct their own cookie, and so could use another ID to access someone elses information.
ck
2009-03-30 11:27:36
A:
If using Forms Authentication, then the username will be available as:
Page.User.Identity.Username
If you need to hold another piece of information alongisde this, then use Session.
PS. I recommend using a class to wrap your session variables for strong-typedness and potential default values.
ck
2009-03-30 11:26:28