Click here to Skip to main content
16,021,687 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
hi to all,

I am new to ASP.net development.
If i use session for which cookieless = false (means it stores session id in cookies).
and at browser cookies are disabled,
then where the session id is stored?
is it URL?
Posted

1 solution

Session state is (almost always) stored on the server, and it is identified by a random number, the session token.

That token needs to be stored by the client, and sent to the server along with his HTTP requests (so that the server can remember that he has seen him before and associate the session to the request).

how one can say that session are stored on server, is that right, that sessions are stored on server?

Only the session token is stored on the client, and since it is a random number, it does not contain any useful information in itself. It only becomes valuable together with the data stored on the server.

if yes then what is the concept of cookieless session

The easiest way to store the token is using cookies. That is what cookies were invented for. Alternatives are handing the cookie back and forth using hidden form variables or as part of the URL.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900