How to store session ID without cookies and without "Cookieless=True"

P

Paul W

Hi -

I don't want to rely on my users having cookies enabled.

If I use Cookieless=True it of course mangles the urls which means there is
no browser caching of the pages, so it is slow.

What are the other options to use to be able to store a small amount of
session data? I know it can be done because, for example,
www.discountasp.net's site doesn't use cookies or cookie-munging, but it
works just fine to remember my login throughout the site.

Thanks for all input,

Paul.
 
B

Brock Allen

What are the other options to use to be able to store a small amount
of session data? I know it can be done because, for example,
www.discountasp.net's site doesn't use cookies or cookie-munging, but
it works just fine to remember my login throughout the site.

What makes you think it's not using cookies? I just ran a test with and without
cookies and I must enable cookies for their site to login.
 
G

gaidar

You have three ways:
1. Store session ID in cookie file
2. Store Session ID in the URL (for example,
mysite.com/HFFKSJ3F35R4W46HR435YFS/myFolder/myPage.aspx
3. Store Session ID in QueryString (for example,
mysite.com/myFolder/myPage.aspx?SID=HFFKSJ3F35R4W46HR435YFS

Nothing more. You should select :)

Gaidar
 
C

Chiky

But how to implement storing sessionid in QueryString? IF I have a
sessionID passed through QueryString, i can't initialize session with
this ID.

Chiky
 
N

Nick Gilbert

If I use Cookieless=True it of course mangles the urls which means there
is no browser caching of the pages, so it is slow.

The browser WILL still cache the pages. The session ID remains the same
all the time as long as you don't force it to create a new session by
linking to a page without including a session ID.

The fact that the URL becomes:

/(bktylw45s3f14345r3w4lx2j)/catalogue.aspx

...is no different to if it was:

/catalogue/catalogue.aspx

It's just a folder name and doesn't affect client side caching at all.

If I were you, I'd use cookieless=true.

Just ensure that your links in the website start with "~" rather than
"/" or otherwise you'll create a new session. ~ gets resolved to the
correct URL for the current session if you pass it through
Server.ResolveUrl(). You don't need to call ResolveUrl manually for most
internal functions that take URLs as arguments.

eg Response.Redirect("~/basket.aspx");

You might also have to convert some hard coded links (HTML) to
asp:HyperLinks so you can use the "~" and thus avoid creating new sessions.

Note that ~ doesn't work in <a> tags. It's a server side macro only.

Hope this helps.

Nick...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,743
Messages
2,569,478
Members
44,899
Latest member
RodneyMcAu

Latest Threads

Top