Solved

Tmpdata vs cookies in mvc

Posted on 2011-02-17
4
723 Views
Last Modified: 2012-05-11
Experts,

I have a question regarding the difference between TempData and storage of cookies in my ASP MVC2 project.  I have want to have users log into my web page and store their login credendital, name, what they have rights to, etc.  This data is going to need to be passed around from page to page to i can keep a track if they have proper rights to certain functionality.n  Is it best to store this information in a cookie or a TempData?
0
Comment
Question by:esesjay4
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 21

Expert Comment

by:Craig Wagner
ID: 34926739
TempData is used to pass information from one view to another on the server side. It does not persist between requests. If you want the information to remain persistent for the duration of the user's session you will either have to use cookies or session state on the server.
0
 
LVL 28

Assisted Solution

by:strickdd
strickdd earned 25 total points
ID: 34928172
DO NOT STORE THIS IN COOKIES. Cookies are on the client side and if you store what access type they have to your site, they can just change that value and get to a portion of the site they shouldn't be able to. The best way to prevent that is to store that information in a Session variable. That is stored server-side and cannot be viewed/changed by the client.
0
 

Author Comment

by:esesjay4
ID: 34929336
So what is the difference then in TempData["message"] vs Session["message"]?
0
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 100 total points
ID: 34929676
Session[] objects are active while the user session is active until it times out due to inactivity (or the Application Pool is recycled)  In your case that is what you should be using, however, I'd recommend a wrapper function to test the session of null values, then act accordingly

public static String GetSessionString(string inSessionString)
{
   if (Session[inSessionString] == null)
  {
     // Do something to reset the session variable or redirect to fix it (log in et cetera)
   }
   return Session[inSessionString];
}

That way if the user leaves the page open for 20 minutes and exceeds the default ASP.NET timeout of 20 minutes for a session they won't get exceptions!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes in DotNetNuke module development you want to swap controls within the same module definition.  In doing this DNN (somewhat annoyingly) swaps the Skin and Container definitions to the default admin selections.  To get around this you need t…
Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question