sessionState cookieless and forms cookieless

[ravisingh11]

<authentication mode="Forms">
<forms loginUrl="Login.aspx"
protection="All"
timeout="30"
cookieless="AutoDetect" />
</authentication>

Over here we can specify cookiless to be auto detect so it uses cookies
if the client supports it or URL mangling(munging) if it doesnt.

Now however I want to support session state on the SQL server
<!--<sessionState mode="SQLServer"
stateConnectionString="tcpip=127.0.0.1:55455" sqlConnectionString="data
source=127.0.0.1;user id=sa;password=''" cookieless="Autodetect"
timeout="20"/>-->

here i am a little confused, would cookieless="UseDeviceProfile" be
(faster)?
Does the setting of cookieless here take precedence or does the form
authentication take precedence?


Thoughts.

Thanks

-Ravi Singh

 

[Brock Allen]

here i am a little confused, would cookieless="UseDeviceProfile" be

(faster)?
Does the setting of cookieless here take precedence or does the form
authentication take precedence?

FormsAuthentication and SessionState use different cookies. Those are two
features that are independant of one another. IOW, a Session != an Authenticated
user.

UseDeviceProfile just means that you can choose to issue a cookie or use
UrlMangling depending upon the device type, not dynamically based upon whether
they're enabled cookies.

 

[Ravi Singh (UCSD)]

Hey Brock thanks for replying,

Would it make sense to force cookies in one and not in the other.
Dosent FormsAuthentication also emply URLmangling like Session?

Thanks

-Ravi.