Question on Session

M

michdoh

HI

We currently are running an MCMS 2002 web site on windows 2000. dot.net
framework 1.1.

I'm looking to use the asp.net session to keep a user logged in after
authentication. This seems pretty straight forward but I have a couple
of general questions about the asp.net session object if any one can
help.

Firstly i'm new to this so I apologise if I'm being stupid.

1: If a user logs on to our site, autheticates and then, within the
same session, navigates to web site that does not run on the dot net
framework, will the asp.net session token (which I believe is stored in
a cookie or nested in the URL) be deleted?

2: I assume every web server (Apache etc) creates it's own type of
session Identifier, can these co-exist during a single browser session?

Any help is greatly appreciated

Mikey
 
H

Hans Kesting

HI
We currently are running an MCMS 2002 web site on windows 2000. dot.net
framework 1.1.

I'm looking to use the asp.net session to keep a user logged in after
authentication. This seems pretty straight forward but I have a couple
of general questions about the asp.net session object if any one can
help.

Firstly i'm new to this so I apologise if I'm being stupid.

1: If a user logs on to our site, autheticates and then, within the
same session, navigates to web site that does not run on the dot net
framework, will the asp.net session token (which I believe is stored in
a cookie or nested in the URL) be deleted?
Click to expand...

The cookie is remembered by the browser, until that browser is closed.
When the user navigates again to your web-app, that cookie will be sent
again. If this request is within the session-timeout limit (default 20
minutes), then the user will continue in the original session.
2: I assume every web server (Apache etc) creates it's own type of
session Identifier, can these co-exist during a single browser session?
Click to expand...

Maybe the various servers use their own names for the session cookies
(asp.net seems to use a name with a random part). However, the cookies
also contain a "domain" parameter (usually the name of the webserver).
It is entirely possible to have separate cookies with the same name for
different domains. The browser will only send cookies whose domain name
matches the url.
 
M

michdoh

Thanks Hans, Good Info

Hans said:
The cookie is remembered by the browser, until that browser is closed.
When the user navigates again to your web-app, that cookie will be sent
again. If this request is within the session-timeout limit (default 20
minutes), then the user will continue in the original session.


Maybe the various servers use their own names for the session cookies
(asp.net seems to use a name with a random part). However, the cookies
also contain a "domain" parameter (usually the name of the webserver).
It is entirely possible to have separate cookies with the same name for
different domains. The browser will only send cookies whose domain name
matches the url.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Question on compilation order 0
Session State on Load Balanced Web Site 2
Session breaking on redirect 2
Shariing session across domains 2
Sharing session data on different sites on the same domain 7
Session state getting reset, don't understand why... 0
'debug' mode and session question 4

Members online

Total: 20 (members: 1, guests: 19)
Robots: 460

Forum statistics

Threads
473,770
Messages
2,569,583
Members
45,075
Latest member
MakersCBDBloodSupport

Latest Threads

Top