andieje
asked on
anonymous identification
Hi
I have read this on msdn
"If anonymous identification is enabled, ASP.NET creates a unique identification for users the first time they visit your site. The unique user identification is stored in a cookie on the user's computer so that the user can be identified with each page request. The cookie's default expiration is set to approximately 70 days and is periodically renewed when a user visits the site. If the user's computer does not accept cookies, the user's identification can be maintained as part of the URL of the page request, although the identification will be lost when the user shuts down the browser."
I am trying to understand how this works. My best bet is that everytime a wepage is requested the webpage looks to see if the user is allowed to see the page. Providing the page has anonymous access, asp.net will look for an identification cookie for the user. If there is one, the sliding expiration value is changed. If there isn't, a new one is created.
My key point is that asp.net looks for this unique ID cookie on every page request. Is this correct?
thanks
I have read this on msdn
"If anonymous identification is enabled, ASP.NET creates a unique identification for users the first time they visit your site. The unique user identification is stored in a cookie on the user's computer so that the user can be identified with each page request. The cookie's default expiration is set to approximately 70 days and is periodically renewed when a user visits the site. If the user's computer does not accept cookies, the user's identification can be maintained as part of the URL of the page request, although the identification will be lost when the user shuts down the browser."
I am trying to understand how this works. My best bet is that everytime a wepage is requested the webpage looks to see if the user is allowed to see the page. Providing the page has anonymous access, asp.net will look for an identification cookie for the user. If there is one, the sliding expiration value is changed. If there isn't, a new one is created.
My key point is that asp.net looks for this unique ID cookie on every page request. Is this correct?
thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The cookie is used to match the user with the correct session and there is only one session cookie for the entire web application, not per page.
Permissions is another set of functionality that will use the previous functionality but is essentially independent.
If you want to control access to the web application you need to look into "Forms Authentication"