Solved

Sessions

Posted on 1998-11-04
9
247 Views
Last Modified: 2013-12-25
Using ASPs the only way to maintain user sessions in my site is thru the use of cookies or is there another way ?

I want the user to enter a login/password to enter the site. If he desires he can allow the site to drop a cookie and he wouldn't need to reenter the login/password each time he comes back. This id the best way right ?

Is there a simple way to test If the users browser is cookie-enabled ?
0
Comment
Question by:aloha
9 Comments
 
LVL 12

Expert Comment

by:Otta
ID: 1856096
> Using ASPs the only way to maintain user sessions
> in my site is thru the use of cookies or is there another way ?

HTTP is a "connection-less" protocol,
every request and response is "independent",
i.e., like plugging coins into a slot-machine.

Contrast this to a telephone-call, where you have "setup",
then a "connection", and finally "hang-up".

> Is there a simple way to test If the user's browser
> is cookie-enabled ?

Send it a cookie, and then try to retrieve the cookie.
If successfully-retrieved, then you have the answer.
0
 
LVL 1

Expert Comment

by:rajgn
ID: 1856097
You can maintain sessions not only by using Cookies but also by Session variables. As a matter of fact, using Session variables is the right way. Here you need not bother about client's browser accepts cookies or not.
0
 

Author Comment

by:aloha
ID: 1856098
Not quite. Session variables are maintained through the use of cookies that "mark" each user with a session id. This session id can be seen as the "key" to access the user/session variables.

What I would like to know is what happens if the user rejects these cookies ?
0
 
LVL 12

Expert Comment

by:Otta
ID: 1856099
> what happens if the user rejects these cookies ?

It depends on the ASP programming,
and its "tolerance" to unavailabilty of cookies.
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 

Author Comment

by:aloha
ID: 1856100
could you be more specific ?
0
 
LVL 12

Expert Comment

by:Otta
ID: 1856101
More specific?
If your ASP programming has sent a cookie to a user's browser,
and now tries to retrieve the cookie, and nothing is returned,
then how will your programming react to the data which you
stored in the cookie, but which is now unavailable ?

Compare it to taking your automobile to the dealer,
to get snow-tires installed.  The dealer returns it to you,
but they didn't tell you that they had no such tires in their
warehouse, and then you try to drive through some snow,
without noticing that the summer-tires are still mounted.
The likely result?  A crash!
0
 

Accepted Solution

by:
Eck earned 50 total points
ID: 1856102
You can get CookieMunger from Microsoft which is an IIS ISAPI filter that basically pharses each and every page and changes every link in the page so it contains the information it would have stored in the cookie in the accual link instead. Nice idea, but the overhead must be *massive*.

Hope that helps :]
0
 

Author Comment

by:aloha
ID: 1856103
I know what cookies are. And I understood what you meant by cookie tolerant pages.

What I said is that the IIS web server by default sends a cookie to each user to store his session id (to be used has his key to the "locker room" where his session variables are stores thats the comparison that they usually give in the documentation). What I wanted to know was what happens to the users session variables if he refuses this default cookie (not one sent by me!) ?


0
 
LVL 12

Expert Comment

by:Otta
ID: 1856104
> What I wanted to know was what happens to the users
> session variables if he refuses this default cookie
> (not one sent by me!) ?

When the user rejects them, they are not saved on the user's computer.

When the web-server software tries to retrieve the cookie,
no values can be retrieved -- a message like
"requested cookie was not found" could be sent
from the browser to the web-server.


0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Why do we like using grid based layouts in website design? Let's look at the live examples of websites and compare them to grid based WordPress themes.
Get to know the ins and outs of building a web-based ERP system for your enterprise. Development timeline, technology, and costs outlined.
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now