Solved

Sessions

Posted on 1998-11-04
9
252 Views
Last Modified: 2013-12-25
Using ASPs the only way to maintain user sessions in my site is thru the use of cookies or is there another way ?

I want the user to enter a login/password to enter the site. If he desires he can allow the site to drop a cookie and he wouldn't need to reenter the login/password each time he comes back. This id the best way right ?

Is there a simple way to test If the users browser is cookie-enabled ?
0
Comment
Question by:aloha
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 12

Expert Comment

by:Otta
ID: 1856096
> Using ASPs the only way to maintain user sessions
> in my site is thru the use of cookies or is there another way ?

HTTP is a "connection-less" protocol,
every request and response is "independent",
i.e., like plugging coins into a slot-machine.

Contrast this to a telephone-call, where you have "setup",
then a "connection", and finally "hang-up".

> Is there a simple way to test If the user's browser
> is cookie-enabled ?

Send it a cookie, and then try to retrieve the cookie.
If successfully-retrieved, then you have the answer.
0
 
LVL 1

Expert Comment

by:rajgn
ID: 1856097
You can maintain sessions not only by using Cookies but also by Session variables. As a matter of fact, using Session variables is the right way. Here you need not bother about client's browser accepts cookies or not.
0
 

Author Comment

by:aloha
ID: 1856098
Not quite. Session variables are maintained through the use of cookies that "mark" each user with a session id. This session id can be seen as the "key" to access the user/session variables.

What I would like to know is what happens if the user rejects these cookies ?
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 
LVL 12

Expert Comment

by:Otta
ID: 1856099
> what happens if the user rejects these cookies ?

It depends on the ASP programming,
and its "tolerance" to unavailabilty of cookies.
0
 

Author Comment

by:aloha
ID: 1856100
could you be more specific ?
0
 
LVL 12

Expert Comment

by:Otta
ID: 1856101
More specific?
If your ASP programming has sent a cookie to a user's browser,
and now tries to retrieve the cookie, and nothing is returned,
then how will your programming react to the data which you
stored in the cookie, but which is now unavailable ?

Compare it to taking your automobile to the dealer,
to get snow-tires installed.  The dealer returns it to you,
but they didn't tell you that they had no such tires in their
warehouse, and then you try to drive through some snow,
without noticing that the summer-tires are still mounted.
The likely result?  A crash!
0
 

Accepted Solution

by:
Eck earned 50 total points
ID: 1856102
You can get CookieMunger from Microsoft which is an IIS ISAPI filter that basically pharses each and every page and changes every link in the page so it contains the information it would have stored in the cookie in the accual link instead. Nice idea, but the overhead must be *massive*.

Hope that helps :]
0
 

Author Comment

by:aloha
ID: 1856103
I know what cookies are. And I understood what you meant by cookie tolerant pages.

What I said is that the IIS web server by default sends a cookie to each user to store his session id (to be used has his key to the "locker room" where his session variables are stores thats the comparison that they usually give in the documentation). What I wanted to know was what happens to the users session variables if he refuses this default cookie (not one sent by me!) ?


0
 
LVL 12

Expert Comment

by:Otta
ID: 1856104
> What I wanted to know was what happens to the users
> session variables if he refuses this default cookie
> (not one sent by me!) ?

When the user rejects them, they are not saved on the user's computer.

When the web-server software tries to retrieve the cookie,
no values can be retrieved -- a message like
"requested cookie was not found" could be sent
from the browser to the web-server.


0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Learn by example how to specify CSS selectors for Selenium WebDriver test automation software.
There’s a good reason for why it’s called a homepage – it closely resembles that of a physical house and the only real difference is that it’s online. Your website’s homepage is where people come to visit you. It’s the family room of your website wh…
This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
The viewer will learn how to dynamically set the form action using jQuery.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question