How To Store Value In Session If In Browser Cookie Is Disabled
Dec 1, 2010Can i still store value in session if in browser cookie is disabled?
View 2 RepliesCan i still store value in session if in browser cookie is disabled?
View 2 RepliesIt's weird, my firefox has cookies disabled, yet I am still able to retrieve the cookie.
Code:
protected void Page_Load(object sender, EventArgs e)
{
Response.Cookies["a"].Value = "1";
}
protected void Button1_Click(object sender, EventArgs e)
{
Label1.Text = Request.Cookies["a"].Value.ToString(); //it returns value
}
Why is this?
I have an application running ASP.NET. I have different domains and different sub-domains. I want the domains to share session with their sub domains.
For Example, the following domains access this application:
[URL]
If a user goes to www.example1.com and print.example1.com, I want it to use the same session. If the user were to go to www.example2.com and print.example2.com, I would want it to use a different session than the *.example1.com.
The way I used to handle it was a hack in page_load that works perfectly in IIS6:
Response.Cookies["ASP.NET_SessionId"].Value = Session.SessionID;
Response.Cookies["ASP.NET_SessionId"].Domain = SiteUtility.GetCookieDomain();
(SiteUtility.GetCookieDomain would return .example1.com or .example2.com depending on the url of the request) Unfortunately, this no longer seems to work for iis7. Each subdomain/domain a user goes to, the user gets a new session cookie.
I then found the web.config entry: '<httpCookies domain=".example1.com" />. This works great for sharing session cookie between example1.com subdomains. Unfortunately, this completely screws up session state for *.example2.com.
What are the exact steps required for a cookie to persist after a browser is closed? At the moment I have:
System.Web.Security.FormsAuthentication.Decrypt(Request.Cookies[System.Web.Security.FormsAuthentication.FormsCookieName].Value)
{System.Web.Security.FormsAuthenticationTicket}
CookiePath: "/"
[code]...
Is it possible to perform user management (store user info, login , logout etc) without using session or cookie?
View 3 RepliesIts related to datatable in gridview store in session and then session retrive and store to database. basically i am using gridview here creating new row for button click and these row adding untill user's last entry then submit all these entry to database. so i want to use session variable to store this data temporarily and after final entry user click on submit button and all data shold be save in db.
View 9 RepliesI am a bit baffled here; using IE7, ASP.NET 2.0 and Cassini (the VS built-in web server; although the same thing seems to be true for "real" applications deployed in IIS) I am looking for the session-id-cookie. My test page shows a session id (by printing out Session.SessionId) and Response.Cookies.Keys contains ASP.NET_SessionId. So far so good.
But I cannot find the cookie in IEs cookie-store! Nor does "remove all cookies" reset the session (as it does in FF)... So where - I am tempted to write that four letter word - does IE store that bloody cookie? Or am I missing something? By the way there is no hidden field with a session id either, as far as I can see. If I check in FF there is a cookie called ASP.NET_SessionId as I would expect. And as mentioned above deleting that cookie does start a new session; as I would expect.
What is the best way to track users on our Asp.net websites if they have there cookie disabled.
I heard about Flash cookies but could not find a good resource to access the flesh cookies using Asp.Net or JavaScript.
Does anyone know a better method?
I need to make my asp.net session cookie as secure but whenever i check user authentication and after that i am trying to set cookie to true then my session lost my user information and so it always redirect login page. I am settings user to HttpContext.Current.Session["user"] and check every time, is user is valid and if valid then move ahead. but before that i make my asp.net session cookie as true.
[Code]....
but after that i observe that somehow "Session_Start" event gets called.
Is it possible to use mixed cookieless sessions with cookie sessions? I've an application that captured user details and then redirect for payment to an ssl page. I was wondering if this is possible? [URL] redirects to [URL] Note: the session Id in the latter url. So in essence, we use the standard cookie session for the majority of the application but when we transfer to an ssl page we pass the SessionId to the https url to pick up the session. I've tried this locally but it starts a new session.
View 1 RepliesHow to find whether a user has enabled or disabled JavaScript in the browser or the browser does not support JavaScript?
View 5 RepliesHow to disabled Toollbar(Menubar) of Browser?
View 5 RepliesWhat will happen if cookies are disabled in my browser, will the session(sessionid and session variables) still be created?
View 2 RepliesWhat should i do if the javascript was disabled on the client browser ?
Should I call the server side ? and how could i do such a thing if it is possible ?
I have a web page, and I am using JQuery ajax, and I'm calling the server side using the webMethod attribute, so what should i do if the client browser disable Javascript ....
I'm using session to store C# object but my session is expiring regularly.
I've given 540 minutes for session timeout. ( <sessionState mode="InProc" timeout="540"/>)
Now I want to use cookie instead of session to remove this timeout problem.
code below:
[code].....
give me an example (or point me in the right direction) on how to store custom data in an ASP.NET Membership cookie? I need to add some custom properties like UserID and URLSlug to the cookie and be able to retrieve the information in the same way one would retrieve the Username.
Edit:
I used Code Poet's example and came up with the following.
When I set a breakpoint at Dim SerializedUser As String = SerializeUser(userData) the value of userData is right. It has all the properties I expect it to have.
The problem I'm now running into is that when I get to Dim userdata As String = authTicket.UserData (breakpoint), the value is "". I'd love to figure out what I'm doing wrong.
Here's the code.
Imports System
Imports System.Web
Imports System.Web.Security
Namespace Utilities.Authentication
Public NotInheritable Class CustomAuthentication
Private Sub New()
End Sub
Public Shared Function CreateAuthCookie(ByVal userName As String, ByVal userData As Domain.Models.UserSessionModel, ByVal persistent As Boolean) As HttpCookie
Dim issued As DateTime = DateTime.Now
''# formsAuth does not expose timeout!? have to hack around the
''# spoiled parts and keep moving..
Dim fooCookie As HttpCookie = FormsAuthentication.GetAuthCookie("foo", True)
Dim formsTimeout As Integer = Convert.ToInt32((fooCookie.Expires - DateTime.Now).TotalMinutes)
Dim expiration As DateTime = DateTime.Now.AddMinutes(formsTimeout)
Dim cookiePath As String = FormsAuthentication.FormsCookiePath
Dim SerializedUser As String = SerializeUser(userData)
Dim ticket = New FormsAuthenticationTicket(0, userName, issued, expiration, True, SerializedUser, cookiePath)
Return CreateAuthCookie(ticket, expiration, persistent)
End Function
Public Shared Function CreateAuthCookie(ByVal ticket As FormsAuthenticationTicket, ByVal expiration As DateTime, ByVal persistent As Boolean) As HttpCookie
Dim creamyFilling As String = FormsAuthentication.Encrypt(ticket)
Dim cookie = New HttpCookie(FormsAuthentication.FormsCookieName, creamyFilling) With { _
.Domain = FormsAuthentication.CookieDomain, _
.Path = FormsAuthentication.FormsCookiePath _
}
If persistent Then
cookie.Expires = expiration
End If
Return cookie
End Function
Public Shared Function RetrieveAuthUser() As Domain.Models.UserSessionModel
Dim cookieName As String = FormsAuthentication.FormsCookieName
Dim authCookie As HttpCookie = HttpContext.Current.Request.Cookies(cookieName)
Dim authTicket As FormsAuthenticationTicket = FormsAuthentication.Decrypt(authCookie.Value)
Dim userdata As String = authTicket.UserData
Dim usersessionmodel As New Domain.Models.UserSessionModel
usersessionmodel = DeserializeUser(userdata)
Return usersessionmodel
End Function
Private Shared Function SerializeUser(ByVal usersessionmodel As Domain.Models.UserSessionModel) As String
Dim bf As New Runtime.Serialization.Formatters.Binary.BinaryFormatter()
Dim mem As New IO.MemoryStream
bf.Serialize(mem, usersessionmodel)
Return Convert.ToBase64String(mem.ToArray())
End Function
Private Shared Function DeserializeUser(ByVal serializedusersessionmodel As String) As Domain.Models.UserSessionModel
Dim bf As New Runtime.Serialization.Formatters.Binary.BinaryFormatter()
Dim mem As New IO.MemoryStream(Convert.FromBase64String(serializedusersessionmodel))
Return DirectCast(bf.Deserialize(mem), Domain.Models.UserSessionModel)
End Function
End Class
End Namespace
Here's where I create all the magic. This method is in a "BaseController" class that inherits System.Web.Mvc.Controller
Protected Overrides Function CreateActionInvoker() As System.Web.Mvc.IActionInvoker
If User.Identity.IsAuthenticated Then ''# this if statement will eventually also check to make sure that the cookie actually exists.
Dim sessionuser As Domain.Models.UserSessionModel = New Domain.Models.UserSessionModel(OpenIdService.GetOpenId(HttpContext.User.Identity.Name).User)
HttpContext.Response.Cookies.Add(UrbanNow.Core.Utilities.Authentication.CustomAuthentication.CreateAuthCookie(HttpContext.User.Identity.Name, sessionuser, True))
End If
End Function
And here's how I try and retrieve the info.
Dim user As Domain.Models.UserSessionModel = CustomAuthentication.RetrieveAuthUser
I'm opening new window from Code Behind for that I'm using Code :
Dim newWin As String = ("<script language='javascript'>" + "window.open('msgstat.aspx' , 'Print', 'height=200, width=220, menubar=no, toolbar=no, scrollbars=no, resizable=no'); </script>")
ClientScript.RegisterStartupScript(Me.GetType(), "pop", newWin)
Now, how can I check from codebehind that Browser's Popup Blocker is enabled or Disabled and show such message.
i am having a application in which java script is must. but i am facing problem when at any client browser has java script disabled. i want a code using which i can check the browsers java script enabled/ disabled property so that the user cannot login until he enables javascript.
View 2 RepliesI have a following architecture:
1) client logins to ASP.NET web site (www.site.com) where the session expired in 3000 minutes and cookieless set to false.
2) After some time client opens Activex in browser. Activex connects to Session Enabled Web Service (www.site.com/Service.asmx) through .NET managed classes.
What I need to do is send cookies which browser recieved while authenticated through Web site. and if such cookie does not exist then the user is not authenticated and connection to Web service will be prohibited.
I understand that I need to use System.Net.CookieContainer class, but How do I set this broser cookie to this class?
localhost.WebService1 web = new localhost.WebService1();
System.Net.CookieContainer cookie = new System.Net.CookieContainer();
web.CookieContainer = cookie;
I want to see the asp.net_sessionid cookie on my IE browser. Where can I find it ?
View 8 Replieswe're in the process of trying to speed up the performance of our website by serving static content from a cookieless domain. That seems to be going well, but I have a new question:
I know that it's "static content" that we're talking about when serving it from a cookieless domain, but we also have static content being served by ASPX pages, specifically images. For example:
domain.com/resizeImages.aspx?src=images/image123.jpg&width=400&height=400
How can I serve the resizeImages.aspx image without ASP.NET setting a cookie on my browser? (At present it sets an ASPXANONYMOUS cookie.)
I have a class called EditMapUtilities. Here are some class properties that I want to persist:
public class EditMapUtlities
{
public static Boolean isInitialEditMapPageLoad
{
get { return SessionHandler.isInitialEditMapPageLoad; }
set { SessionHandler.isInitialEditMapPageLoad = value; }
}
// REST OF CLASS NOT GERMAIN TO DISCUSSION AND OMITTED
}
Here is my SessionHandler Class following the pattern from this post Static Session Class and Multiple Users:
using System.Web.SessionState;
public static class SessionHandler
{
private static HttpSessionState currentSession
{
get
{
if (HttpContext.Current.Session == null)
throw new Exception("Session is not available in the current context.");
else
return HttpContext.Current.Session;
}
}
//A boolean type session variable
private static string _isInitialEditMapPageLoad = "EditMapInitialPageLoad";
public static bool isInitialEditMapPageLoad
{
get
{
if (currentSession[_isInitialEditMapPageLoad] == null)
return true;
else
return (Boolean)currentSession[_isInitialEditMapPageLoad];
}
set
{
currentSession[_isInitialEditMapPageLoad] = value;
}
}
}
I am still learning OOAD. I want to keep relevant properties with relevant classes. I also want to keep all Session stored variables in one place for ease of maintenance and to encapsulate the session keys and calls. I feel like my design is too coupled though. How can I make it more loosely coupled? Is my editMapUtilities class too tightly coupled to the SessionHandler class? How would you do it better?
I try to create a persistent cookie to store a preferred language on our website, but it doesn't work.
So, to isolate the problem, I created a new website, with a blank page and with the code behind bellow. If I click the button, the page post back and I get this:
"Cookies expires: 0001-01-01 00:00:00 value: 10"
[Code]....
When i disable cookie at browser level will 'Form authentication' still work ?.If not,What is the alternative that enables the 'From Authentication' ?
View 2 RepliesCookie is not deleted if another browser remained opened even the current one is closed. I also include the code to get the cookie expired . But it only works properly when user closes all browsers.
View 2 Replies