Click here to Skip to main content
Click here to Skip to main content

ASP.NET Session Login Without Cookies

, 11 Aug 2003
Rate this:
Please Sign up or sign in to vote.
Easiest way to authenticate users without cookies.

Introduction

The following describes the easiest way I have found to force users to log into an ASP.NET website for each session but not require them to accept cookies. You must do the following things.

  1. Create a Web.config file with the appropriate entries to allow session state management.
  2. Create a well formed Global.asax file with the code below included in it.
  3. Create a login page to authenticate users against a database or whatever method you desire.

Code usage

Required Code in the Global.asax

' Fires when the session is started and sets the default loggedin state to ""
Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
Session("Loggedin") = ""
CheckLoggedIn()
End Sub
' Called when the request has been process by the Request Handler and 
' HttpSessionState is available [This is the key piece of code that forces 
' the user is login check with each page request]
Sub Application_OnPostRequestHandlerExecute()
CheckLoggedIn()
End Sub
'Check that the user is logged in.
Sub CheckLoggedIn()
'If the user is not logged in and you are not currently on the Login Page.
If Session("LoggedIn") = "" And InStr(Request.RawUrl, "Login.aspx") = 0 Then
Response.Redirect("~/Login/Login.aspx")
End If
End Sub

Finally create a Login.aspx file that authenticates the user. If the user is allowed in, set: Session("Loggedin") = "Yes"

That's all there is to it. Hope this helps! Enjoy!

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

About the Author

Wraith01

United States United States
No Biography provided

Comments and Discussions

 
GeneralMy vote of 3 PinmemberAmir Mahfoozi20-Dec-11 20:58 
GeneralMy vote of 1 Pinmembernirav_k_mehta27-Dec-10 1:22 
Questionhow session we create for name at all pages Pinmemberimadbaloch13-Apr-09 4:30 
AnswerRe: how session we create for name at all pages Pinmembermauji11-Jul-09 21:27 
QuestionWhat is the appropriate code in Web.Config PinmemberNaveen Mahesh29-Jul-07 19:01 
Questionhow to create login? Pinmembercaabool_oo5-Apr-07 2:13 
Generallogin form Pinmembernon219-Apr-05 21:28 
GeneralRe: login form Pinmemberbalazs_hideghety8-Jun-05 21:53 
Generalshop_store PinsussAnonymous17-Apr-05 22:57 
GeneralRe: shop_store PinmemberWraith0118-Apr-05 3:33 
GeneralRawUrl problem PinsussIsaac Franco Fernandes11-Jan-05 8:30 
GeneralRe: RawUrl problem PinmemberWraith0111-Jan-05 9:25 
QuestionRe: RawUrl problem Pinmembersamdani_basha9-Sep-07 0:17 
AnswerRe: RawUrl problem Pinmemberjoel8528-Nov-08 18:54 
GeneralDeserves a better rating PinstaffNishant S29-Oct-03 1:06 
Generalweb.config in subdirectory PinmemberMajid Shahabfar26-Oct-03 23:59 
GeneralNot exactly PinmemberPhilip Patrick13-Aug-03 4:15 
GeneralRe: Not exactly PinmemberZek3vil13-Aug-03 5:17 
GeneralRe: Not exactly PinmemberPhilip Patrick13-Aug-03 5:27 
GeneralCookieless = no good Pinmemberdog_spawn13-Aug-03 5:28 
GeneralRe: Cookieless = no good PinmemberPhilip Patrick20-Aug-03 20:28 
GeneralRe: Cookieless = no good Pinmemberdog_spawn20-Aug-03 21:33 
GeneralRe: Cookieless = no good PinmemberDavid M. Auld30-Aug-03 16:54 
GeneralYes Pinmemberdog_spawn31-Aug-03 3:35 
GeneralRe: Not exactly PinmemberLennybacon19-Aug-03 6:38 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web04 | 2.8.140721.1 | Last Updated 12 Aug 2003
Article Copyright 2003 by Wraith01
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid