Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Tmpdata vs cookies in mvc

Posted on 2011-02-17
4
718 Views
Last Modified: 2012-05-11
Experts,

I have a question regarding the difference between TempData and storage of cookies in my ASP MVC2 project.  I have want to have users log into my web page and store their login credendital, name, what they have rights to, etc.  This data is going to need to be passed around from page to page to i can keep a track if they have proper rights to certain functionality.n  Is it best to store this information in a cookie or a TempData?
0
Comment
Question by:esesjay4
4 Comments
 
LVL 21

Expert Comment

by:Craig Wagner
ID: 34926739
TempData is used to pass information from one view to another on the server side. It does not persist between requests. If you want the information to remain persistent for the duration of the user's session you will either have to use cookies or session state on the server.
0
 
LVL 28

Assisted Solution

by:strickdd
strickdd earned 25 total points
ID: 34928172
DO NOT STORE THIS IN COOKIES. Cookies are on the client side and if you store what access type they have to your site, they can just change that value and get to a portion of the site they shouldn't be able to. The best way to prevent that is to store that information in a Session variable. That is stored server-side and cannot be viewed/changed by the client.
0
 

Author Comment

by:esesjay4
ID: 34929336
So what is the difference then in TempData["message"] vs Session["message"]?
0
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 100 total points
ID: 34929676
Session[] objects are active while the user session is active until it times out due to inactivity (or the Application Pool is recycled)  In your case that is what you should be using, however, I'd recommend a wrapper function to test the session of null values, then act accordingly

public static String GetSessionString(string inSessionString)
{
   if (Session[inSessionString] == null)
  {
     // Do something to reset the session variable or redirect to fix it (log in et cetera)
   }
   return Session[inSessionString];
}

That way if the user leaves the page open for 20 minutes and exceeds the default ASP.NET timeout of 20 minutes for a session they won't get exceptions!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses the ASP.NET AJAX ModalPopupExtender control. In this article we will show how to use the ModalPopupExtender control, how to display/show/call the ASP.NET AJAX ModalPopupExtender control from javascript, how to show/display/cal…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question