Back to discussion

Asp.net (Session management)

Last post was 29 Jan 2008 at 08:28
asp.net , db Hassan, India
  • 13 years ago

    i am developing Job site i am not able to find out how to maintain session for a registered user and the data of that user should pass to all the pages until the session expires

    Report abuse
  • 13 years ago

    Hi,

    Use Session variables to maintain the session.

    Session variables can be created as follows

    Session["User"] = txtUserName.Text;

    Way to retrieve the session data

    string userName = Session["User"].ToString();

     

     

    Report abuse
  • 13 years ago

    Hi

    You can use session variable for maintaining the user session. But it is advisable not to store sensitive info like password or credit card info into sessions.

    when user logout, set the session variables to null.

     

    sanjeev

     

    Report abuse
  • 13 years ago

    hi

    Session management is of three types

    *       InProc *       State Server

    *       SQL Server

    Session state can be configured using the <sessionState> section in the application's web.config file.  Hence, we can increase the default Session timeout value to our desired value using the following statement in the web.config file.
    <sessionState mode = <"inproc" | "sqlserver" | "stateserver">         cookieless = <"true" | "false">  timeout = <positive integer indicating the session timeout in minutes>    sqlconnectionstring = <SQL connection string that is only used in the SQLServer mode>         server = <The server name that is only required when the mode is State Server>         port = <The port number that is only required when the mode is State Server>
    The following section discusses each of the settings shown in Listing 1 earlier, in detail. Mode: This setting supports three options.  They are inproc, sqlserver, and stateserver.  As stated earlier, ASP.NET supports two modes: in process and out of process.   There are also two options for out-of-process state management: memory based (stateserver) and SQL Server based (sqlserver). Cookieless: This setting takes a boolean value of either true or false to indicate whether the Session is a cookieless one. Timeout: This indicates the Session timeout vale in minutes.  This is the duration for which a user's session is active.  Note that the session timeout is a sliding value; on each request the timeout period is set to the current time plus the timeout value. SqlConnectionString: This identifies the database connection string that names the database used for mode sqlserver. Server: In the out-of-process mode stateserver, it names the server that is running the required Windows NT service: ASPState.

    Port: This identifies the port number that corresponds to the server setting for mode State Server.  Note that a port is an unsigned integer that uniquely identifies a process running over a network.

     

    Happy coding

    Florence

    TO get more check my blogspot

    http://dflorence25.blogspot.com

    Report abuse
  • 13 years ago

    Hi, 

    If i understood you right, you are wanting to hold the session of a user logged into a web site that may have sensitive data?

    If i was to be tasked with designing this sort of system with ASP.Net, i would probably be doing the following:

    • User login controlled by formsauthentication with a secure cookie
    • Formsticket to hold a unique number to reference a database entry
    • Database backend linked by formsticket data to user data and preferences
    • Master pages or sub classing page class to rebuild the user data on page load

    That way, once a user is logged in, all their data can be held securely, only a reference to the data is stored in the encrypted cookie and you get a warm rosy glow knowing you have protected your customers data

    Si

    Report abuse

Post a reply

Enter your message below

Sign in or Join us (it's free).

ASP.NET forum discussion

ASP.NET tutorials

Quick links

Recent activity

Contribute

Why not write for us? Or you could submit an event or a user group in your area. Alternatively just tell us what you think!

Web Development

Developer Jobs

Our tools

We've got automatic conversion tools to convert C# to VB.NET, VB.NET to C#. Also you can compress javascript and compress css and generate sql connection strings.

Cancel
“You can stand on the shoulders of giants OR a big enough pile of dwarfs, works either way.”