.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Where are sessions stored? can users disable sessions on their browser?

Posted By:      Posted Date: October 04, 2010    Points: 0   Category :ASP.Net

It was just a thought that came to my mind and I didn't have an answer for it, are sessions stored on the client side or server side? can a user disable sessions? What if the shopping cart is built using sessions, the user won't be able to use it?

I know cookies are stored on the client side and many users disable cookies so I don't use them, but how about the sessions?

View Complete Post

More Related Resource Links

Separate sessions in browser tabs together with an ajax enabled web site


I want my tabs in my browser to have separate sessions. I  was told to use

<sessionState mode="InProc" cookieless="UseUri"></sessionState> in web.config

 but when I read about it here: http://msdn.microsoft.com/en-us/library/h6bb9cz9(v=VS.100).aspx

the text says "When you configure an AJAX-enabled ASP.NET Web site, use only the default value of UseCookies for the cookieless attribute. Settings that use cookies encoded in the URL are not supported by the ASP.NET AJAX client script libraries."

I'm using Ajax so are there any ideas what I can do about this problem.

Users, Sessions, Processes, Instances, Database Engine

Can you depict me the existing relation between Users, Sessions, Processes, Instances and Database Engine of SQL Server?

Information about sessions


Some questions about sessions:

I know sessions information is stored in the form of cookie and you can use qurystring for that if you set cookieless session in web.config. But I don't exactly understand the scope of a session.

What I believe is when you login to a website, a session cookie is created and the scope of that session is within that page only. If you close the browser that session gets killed and when you open the browser again and go to that site then a new session is created ie a new session is created on every request. Is this correct?

But I have seen in many websites, even if you close the browser and open it again the session is not killed, how does that happen?

Can anyone clear out and explain the scope/lifetime of sessions


Use Membership but bypass / disable password usage for users


I have an application that does LDAP authentication. The authentication is done on the code behind page of my Login.aspx page. Once the user passes LDAP authentication, a cookie is set and I redirect:

FormsAuthentication.RedirectFromLoginPage(UserName.Text, False)

I would like to setup membership in my application and keep track of some user information. But due to company security requirements, I cannot store user passwords on my application. That must stay on the LDAP server only.

Is there a way to store users but disable password storage on the aspnet_membership table?

ASP.Net sessions



Is there a way to access a session of ASP.Net application from a windows based application and check if it has exceeded a certain number of minutes then the windows based application should be able to kill that session. I am looking for the right kind of object that can allow me to access a list of sessions that are currently in use but have been idle for a while.

I might end up creating a windows service hosted on a web server that would run probably every 5 minutes or more and check for such idle sessions and kill any that have exceeded the limit.

One class that I found out related to sessions is. Am I in the right direction?


Looking for some inputs.



how to write a stored proc to prevent multiple users in uploading the reports at a time? plsss help



I wanted to know how to prevent more than one user from uploading the report at a time .I am new to .net ,plss help with the code that would be great.Details are below:

This is a Windos based app written in c# . When User A  clicks Upload option on  one server  from the menu  to upload the files  and at the same time when User B clicks Upload option on different server , User B should be alerted a message saying "User A's uploading is in progress,pls wait" . How to achieve this, plsss help with the code.. I am thinking this logic should be kept in a stored proc, How do I write that proc? plss help


Thanks in advance!

Sessions and null



 I have the following code

if (Session["vip_email"] != null || Session["vip_email"] != ""  )
                tb_email.Text = Session["vip_email"].ToString();

It breaks because it always thinks that the session is not null when it is (Object reference not set to an instance of an object.)

Am I using sessions correctly in asp.net

Can someone please assist?




Download the PowerPoint Files Used in Sessions During the SharePoint Conference

View PowerPoint files that represent a selection of the ten most popular SharePoint 2010 and Office 2010 developer track sessions at the conference.

OPEN SYMMETRIC KEY - Persist Across Sessions

We have a client .NET WPF application which connects to a local SQL 2008 Express server.  We are using symmetric SQL encryption to encrypt some columns.  In order to encrypt or decrypt, we must first open the symmetric key.  We have a logon trigger which opens the key automatically for us. Unfortunately, the key is opened A LOT due to the key being closed after each session closes.  This causes the CPU to peg at 100%.  We are using connection pooling and it would be wonderful to have the key remain open across sessions.  Anyone have any thoughts on how to do this?

How to manage multiple sessions from the same pc

#Newbie alert#  Only 8 months experience with school education back in 2002.   I'm using VS 2008, C# 3.5 to develop my own login system for our company website. Originally we have a "simple" design which only had a login and order page. That order page needs to be opened for 10-12 hours at the time while our stores are opened without having to relog into the system for each query. We also have a requirement that some users need to access 2 different compagnies (separate inventories) which require 2 different logins. I solved that "cross over" session problem by moving all the values into viewstate with my own viewstate manager class right after the login. Now my problem is that we are adding more and more pages and I don't want to be stuck with the problem to resave the viewstate to session and then back on viewstate for every menu items and buttons.   Is there a way to create some sort of items list of all the sessions opened by the user and only transmit that from pages to pages?

Coding is not working for Making Password Field Encrypted in sql and using sessions .basically its a

Dim cn As SqlConnection         Dim cmd As SqlCommand         Dim dr As SqlDataReader         cn = New SqlConnection         cn.ConnectionString = ConfigurationManager.ConnectionStrings("fees_systemConnectionString").ToString         cn.Open()         cmd.Connection = cn         cmd.CommandType = CommandType.Text         Dim Hashpass As String = FormsAuthentication.HashPasswordForStoringInConfigFile(password.Text, "sha1")         cmd.CommandText = "Select * from login where username='" & Me.txtUsername.Text & "' and password = '" & Hashpass & "'"         Dim re As SqlDataReader = cmd.ExecuteReader()         If re.HasRows Then             While re.Read()                 Session("email_id") = re("username").ToString()                 Session("MemberType") = re("type").ToString()                 Session("ISLOGIN&

To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the s

The following error is issued following 10 minutes of system inactivity: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: The message could not be processed. This is most likely because the action 'http://tempuri.org/IParticipant/SearchParticipants' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding. Per the message, I tried changing the app config on the client from     receiveTimeout     ="00:10:00" to     receiveTimeout="10:00:00" but the change seems to have no impact.  What am I missing?

disable browser keys & menu functions

I ran across a few links on making an asp.net app fullscreen with javascript.    But I'd also like to keep users withing my app unless they log out.    How do you disable ctrl-esc, ctrl-c, window, selection & right mouse click?    Are there any other keys you can use to prevent a user from either copying data from a browser window or closing it?     That would also mean eliminating or suppressing the upper right hand minimize & close buttons in browser windows and the file menu.     If the code is specific to internet explorer then I'd also have to check whether their browsing from a firefox browser, unless the code would be the same for both.    

Javascript Sessions

Hi ,Say if got a radio button and when i click the radio button it gets it innerHTML then  it needs to save it as a session then to brings up a popup window and retrieve the innerHTML that is save in a session Any suggetions will be helpfullThx

Browser back button issue when ViewState stored in DB.

I implemented the solution of storing the ViewState in DB (since we were getting lots of Invalid & Corrupt Viewstate errors on our site daily) as given in the following website:http://weblogs.asp.net/adweigert/archive/2004/03/09/86628.aspxThe solution was implemented in one of the aspx pages on our site that behaves like a wizard (not using the wizard control though). After starting to store the viewstate in DB, the Invalid ViewState errors were eliminated completely, but I am now facing the following problem:1) User selects radiobutton1 of the two radiobutton choices on Page 2 of the wizard, a postback happens which displays some extra information on the page based on the selection. Now the user hits the next button on the page that also does a postback & displays Page 3.2) On Page 3, user hits the "back button" of the browser instead of the "previous page" button that is available on that page.3) This displays Page 2 from cache in original state(without any selections made). When user now selects radiobutton2, a postback is supposed to happen, but it does not. User then clicks "next" button on Page 2 (a postback does happen here however), & Page 3 is displayed, but it still thinks that radiobutton1 was selected (the original selection that was made in step1) on the previous page & hence displays information accordingly.I am assumi

Problem: Sessions got mixed up when open multiple tab for a sigle application

We got a problem that Sessions got mixed up when open multiple tab in a single application. We could change the code that do not use session variable in a that level, but a tons of page need to be modified. We need to find a quick fix for this problem. Is any thing we can do in code level to prevent user open multiple tab in a single application? O any thing we can do to keep its own session for a single tab?
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend