Solved

Tmpdata vs cookies in mvc

Posted on 2011-02-17
4
714 Views
Last Modified: 2012-05-11
Experts,

I have a question regarding the difference between TempData and storage of cookies in my ASP MVC2 project.  I have want to have users log into my web page and store their login credendital, name, what they have rights to, etc.  This data is going to need to be passed around from page to page to i can keep a track if they have proper rights to certain functionality.n  Is it best to store this information in a cookie or a TempData?
0
Comment
Question by:esesjay4
4 Comments
 
LVL 21

Expert Comment

by:Craig Wagner
ID: 34926739
TempData is used to pass information from one view to another on the server side. It does not persist between requests. If you want the information to remain persistent for the duration of the user's session you will either have to use cookies or session state on the server.
0
 
LVL 28

Assisted Solution

by:strickdd
strickdd earned 25 total points
ID: 34928172
DO NOT STORE THIS IN COOKIES. Cookies are on the client side and if you store what access type they have to your site, they can just change that value and get to a portion of the site they shouldn't be able to. The best way to prevent that is to store that information in a Session variable. That is stored server-side and cannot be viewed/changed by the client.
0
 

Author Comment

by:esesjay4
ID: 34929336
So what is the difference then in TempData["message"] vs Session["message"]?
0
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 100 total points
ID: 34929676
Session[] objects are active while the user session is active until it times out due to inactivity (or the Application Pool is recycled)  In your case that is what you should be using, however, I'd recommend a wrapper function to test the session of null values, then act accordingly

public static String GetSessionString(string inSessionString)
{
   if (Session[inSessionString] == null)
  {
     // Do something to reset the session variable or redirect to fix it (log in et cetera)
   }
   return Session[inSessionString];
}

That way if the user leaves the page open for 20 minutes and exceeds the default ASP.NET timeout of 20 minutes for a session they won't get exceptions!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question