Chapter 33. The System.Web.SessionState Namespace
The System.Web.SessionState namespace provides the
types used for session state management, which stores information that
is specific to one session or client. Each user accessing an ASP.NET
application has a separate session state collection. Session state is
ideal for sensitive data (like credit card numbers and mailing
addresses) because it is stored exclusively on the server. It is also
well suited for complex data (like recordsets,
.NET class instances, or COM objects) that cannot be easily serialized to a client-side
cookie.
To support session state, each active ASP.NET session is identified and
tracked with a unique 120-bit session ID string. Session ID values are
created and managed automatically by the ASP.NET framework by using an
algorithm that guarantees uniqueness and randomness so that they can’t
be regenerated by a malicious user. When a client requests an ASP.NET
page, the appropriate ID is transmitted from the client by a cookie or
a modified (“munged”) URL. ASP.NET worker processes then retrieve the
serialized data from the state server as a binary stream, convert it
into live objects, and place these objects into the HttpSessionState class’s
key/value collection. This class is the core of the System.Web.SessionState namespace. Most other
classes in this namespace are used transparently by the ASP.NET
framework, except the IReadOnlySessionState and IRequiresSessionState
interfaces, which allow custom System.Web.IHttpHandler ...
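The two marker interfaces and the HttpSessionState key/value collection described above, shown in an added example that is not from the book. The handler class names, the "MailingAddress" key, the "address" form field and the policy of rejecting cookieless sessions are assumptions made for illustration.

```csharp
using System.Web;
using System.Web.SessionState;

// Hypothetical handler that writes to session state. IRequiresSessionState is a
// marker interface (no members); it asks ASP.NET for read/write session access.
// Assumes session state is enabled for the application, so context.Session is set.
public class SaveAddressHandler : IHttpHandler, IRequiresSessionState
{
    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        HttpSessionState session = context.Session;

        // A munged URL carries the session ID in the path, where it can end up
        // in server logs, bookmarks and Referer headers. As an assumed policy,
        // do not attach sensitive data to a session tracked that way.
        if (session.IsCookieless)
        {
            context.Response.StatusCode = 403;
            return;
        }

        // The value stays on the server; the client only ever holds the session ID.
        session["MailingAddress"] = context.Request.Form["address"];
        context.Response.ContentType = "text/plain";
        context.Response.Write("Saved.");
    }
}

// Hypothetical handler that only reads session state. IReadOnlySessionState
// gives it read-only access to the same per-session collection.
public class ShowAddressHandler : IHttpHandler, IReadOnlySessionState
{
    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        string address = context.Session["MailingAddress"] as string;
        context.Response.ContentType = "text/html";
        // The stored value came from user input, so encode it before echoing.
        context.Response.Write(address == null
            ? "No address stored for this session."
            : HttpUtility.HtmlEncode(address));
    }
}
```

Because the session ID is the only thing tying a request to this server-side data, anyone who obtains the ID can read what the second handler returns until the session ends.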