I was checking out the asp.net starter kit for time tracker and got confused on the global.asxa file.
I wanted to know if the Application_AuthenticateRequest subroutine unique for each user or session?
The cookie name is UserRoles and it is the same for eveyone. So, I'm confused. I thought you want to give the cookie a unique name so it can retrieve the right cookie for the user.
Jack logs in and it checks to see if cookie with the name userroles exists. If it does then it uses it.
What happens if Bob logs in? Does it find the same cookie?