anonymous identification

Posted on 2007-08-06
Last Modified: 2013-11-05

I have read this on msdn

"If anonymous identification is enabled, ASP.NET creates a unique identification for users the first time they visit your site. The unique user identification is stored in a cookie on the user's computer so that the user can be identified with each page request. The cookie's default expiration is set to approximately 70 days and is periodically renewed when a user visits the site. If the user's computer does not accept cookies, the user's identification can be maintained as part of the URL of the page request, although the identification will be lost when the user shuts down the browser."

I am trying to understand how this works. My best bet is that everytime a wepage is requested the webpage looks to see if the user is allowed to see the page. Providing the page has anonymous access, will look for an identification cookie for the user. If there is one, the sliding expiration value is changed. If there isn't, a new one is created.

My key point is that looks for this unique ID cookie on every page request. Is this correct?

Question by:andieje
    LVL 51

    Expert Comment

    Hmm, no that article is talking about each user having a unique session.  So when a users visits your site you can store data in the session that is unique to each user using the Session object.  Any page on the website (secure or not) will retain the same session object for a user.

    The cookie is used to match the user with the correct session and there is only one session cookie for the entire web application, not per page.

    Permissions is another set of functionality that will use the previous functionality but is essentially independent.

    If you want to control access to the web application you need to look into "Forms Authentication"
    LVL 24

    Accepted Solution

    Anonymous authentication is used when you have an ASP.NET Application.

    The MSDN article is right and your summary is in concept correct.  If the page is available to anonymous users, then it will check for the cookie each time a page is requested.  If the user closes the browser and opens a new session, the cookie can still be read even if the IP address changes on the client.  It is also true that if the user clears the cookies, then a new cookie will be generated.


    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Suggested Solutions

    Lots of people ask this question on how to extend the “MembershipProvider” to make use of custom authentication like using existing database or make use of some other way of authentication. Many blogs show you how to extend the membership provider c…
    One of the pain points with developing AJAX, JavaScript, JQuery, and other client-side behaviors is that JavaScript doesn’t allow for cross domain request for pulling content. For example, JavaScript code on could not pull conte…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now