?
Solved

Tmpdata vs cookies in mvc

Posted on 2011-02-17
4
Medium Priority
?
737 Views
Last Modified: 2012-05-11
Experts,

I have a question regarding the difference between TempData and storage of cookies in my ASP MVC2 project.  I have want to have users log into my web page and store their login credendital, name, what they have rights to, etc.  This data is going to need to be passed around from page to page to i can keep a track if they have proper rights to certain functionality.n  Is it best to store this information in a cookie or a TempData?
0
Comment
Question by:esesjay4
4 Comments
 
LVL 21

Expert Comment

by:Craig Wagner
ID: 34926739
TempData is used to pass information from one view to another on the server side. It does not persist between requests. If you want the information to remain persistent for the duration of the user's session you will either have to use cookies or session state on the server.
0
 
LVL 28

Assisted Solution

by:strickdd
strickdd earned 100 total points
ID: 34928172
DO NOT STORE THIS IN COOKIES. Cookies are on the client side and if you store what access type they have to your site, they can just change that value and get to a portion of the site they shouldn't be able to. The best way to prevent that is to store that information in a Session variable. That is stored server-side and cannot be viewed/changed by the client.
0
 

Author Comment

by:esesjay4
ID: 34929336
So what is the difference then in TempData["message"] vs Session["message"]?
0
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 400 total points
ID: 34929676
Session[] objects are active while the user session is active until it times out due to inactivity (or the Application Pool is recycled)  In your case that is what you should be using, however, I'd recommend a wrapper function to test the session of null values, then act accordingly

public static String GetSessionString(string inSessionString)
{
   if (Session[inSessionString] == null)
  {
     // Do something to reset the session variable or redirect to fix it (log in et cetera)
   }
   return Session[inSessionString];
}

That way if the user leaves the page open for 20 minutes and exceeds the default ASP.NET timeout of 20 minutes for a session they won't get exceptions!
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

I recently went through the process of creating a Calendar Control of events with the basis of using a database to keep track of the dates that are selectable, one requirement was to have the selected date pop-up in a simple lightbox.  At first this…
A quick way to get a menu to work on our website, is using the Menu control and assign it to a web.sitemap using SiteMapDataSource. Example of web.sitemap file: (CODE) Sample code to add to the page menu: (CODE) Running the application, we wi…
Watch the video to know the simple way to remove or recover or reset lost or forgotten passwords of Outlook PST file. With Kernel Outlook Password Recovery tool such operation is very easy to perform. It is a freeware with limitation to use with 500…
Watch the video to know the process of migration of Exchange or Office 365 mailboxes in absence of MS Outlook. It is an eminent tool which can easily migrate Public, Archive user mailboxes from one another Exchange server and Office 365. Kernel Migr…

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question