O'Reilly logo

Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB by Stefan Schackow, Bilal Haidar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

8.5. Configuring Session State Inside IIS 7.0

The <sessionState> configuration section is usually edited inside the application's web.config. If you want to change the default predefined values, you can configure a <sessionState> section by specifying the session state mode and cookie settings. Although the application's web.config file provides very good IntelliSense to do this, IIS 7.0 provides a graphical user interface to edit the application's <sessionState> configuration section. To edit the <sessionState> section, double-click the Session State applet inside IIS 7.0 Manager, as shown in Figure 8-1.

Figure 8-1. Figure 8-1

Figure 8-2 shows the IIS 7.0 Windows form used to edit the <sessionState> section for an application.

Figure 8-2. Figure 8-2

All the different session state mode options are listed so that you can select a single mode setting. If a setting requires additional information (for instance, the SQL Server session state), a UI section is enabled so that you can edit the needed information. Moreover, you can specify the session cookie mode, name, and timeout of the cookie in case Use Cookies was selected. The last checkbox on the screen, Use Hosting Identity for Impersonation, allows you to use Windows authentication and the host process identity (either ASP.NET ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required