Cookies, Session State, and Multiple users

[Tim Meagher]

I am trying to use Forms Authentication for a web page with cookies and a
session state. I'm getting a little confused about how to use both and how
the timeouts work. My goal is to have a web page that uses forms
authentication with login info stored in a database, but also to use some
session info during the course of the application. It used to be that when
my cookie expired, the next time a hit anything on the web page I would
encounter the login screen as desried. But then I added session state to
preserve information for the length of the session. Can anyone point me to
some decent articles or information that discusses there various options?

Thank you!

 

[Guest]

Hi Tim,

Which portion exactly are you confused about?

Cookies are on the client, and Session on the server. Therefore timeouts
will be separate. The only linking entity is that the cookie will hold the
session id of the client. When the client makes a request, asp.net would
access the session id to fetch the client's session state information.

This msdn page lists all information on Forms Authentication:
http://msdn.microsoft.com/library/en-us/cpguide/html/cpconthecookieauthenticationprovider.asp

Let me know if you need more assistance.