ASP 101 - Active Server Pages 101 - Web01
The Place ASP Developers Go!

Please visit our partners

Windows Technology Windows Technology
15 Seconds
ASP 101
ASP Wire
VB Forums
VB Wire
internet.commerce internet.commerce
Partners & Affiliates

ASP 101 is an site
ASP 101 is an site
Internet News
Small Business
Personal Technology

Corporate Info
Tech Jobs
E-mail Offers

ASP 101 News Flash ASP 101 News Flash

 Top ASP 101 Stories Top ASP 101 Stories
An Overview of ASP.NET
Connections, Commands, And Procedures
What is ASP?

IIS Reset
Show All Tips >>
ASP 101 RSS Feed ASP 101 Updates

Quick Tips

Cookie-less Sessions

Sessions were one of the great innovations of classic ASP. Sure they had their problems, but they provided an easy way to store user specific data and gave us an easy way to overcome the limitations of the stateless nature of the Web.

If you were willing to deal with the additional load that sessions could place on your web server, the other main issue developers faced was handling clients that didn't accept cookies. You see, in order to keep track of which client went with which session information, the server would set a cookie on the client browser. Then when the browser requested the next page it would send that cookie back. When the server received the cookie back, it would use the value of that cookie to look up the user's session information. If the browser didn't send back the cookie, then the web server couldn't find the user's session.

Luckily ASP.NET solved this problem by offering a new option. By simply setting an option in your Web.config file you can tell ASP.NET to pass the unique identifier in the querystring instead of via a cookie. Here's the option you need to set in your Web.config:

<?xml version="1.0"?>
    <sessionState cookieless="true" />

Once enabled, you'll see that URLs in your application look a little odd. Instead of the normal URL that might look like this:


you get something like this instead:


ASP.NET automatically adds the portion between the parentheses and uses it instead of a cookie to identify the user. This section of the URL will be unique for each session so that each user's request to the same page will result in a different URL. This way ASP.NET can keep track of sessions without the browser needing to support cookies. After all, every browser supports URLs!

Previous      Show All Tips      Next

If you have a tip you would like to submit, please send it to:

Home |  News |  Samples |  Articles |  Lessons |  Resources |  Forum |  Links |  Search |  Feedback
The Network for Technology Professionals



Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers