Tracking user sessions

Because the browser is stateless and cannot save user information, the following mechanisms are used in asp.net to save user status:

1. Use the Cookie of the browser (the Cookie can only store character creden)
 
1. Cookie
Slice Cookie:
Foreach (string strKey in Request. Cookies)
{
String strValue = Request. Cookies [strKey]. Value;
Response. Write ("<li>" + strKey + "=" + strValue + "</li> ");
}
A. Temporary Cookie: a session Cookie, which is stored only in the browser memory. The browser disappears when it is closed.
Creation Method
Response. Cookies ["test0"]. Value = "CHN ";
Response. Write (Response. Cookies ["test0"]. Value );
B. Persistent cookies: These cookies are stored on the client hard disk for a long period of time.
Creation Method
HttpCookie objCookie = new HttpCookie ("test", "CHN_Auberon ");
ObjCookie. Expires = Convert. ToDateTime ("2009-4-5 4-5 ");
Response. Cookies. Add (objCookie );
 
2. Cookie attributes
A. Domain ---- the Domain name associated with the Cookie: for example, cnblogs.com
B. Expires ---- Cookie expiration time
C. HasKeys ---- indicates whether the Cookie is a bool value in the Cookie dictionary.
D. Name ---- Cookie Name
E. Path ---- the Path associated with the Cookie
F. Secure ---- indicates whether the Cookie value can be sent through an encrypted link. The default value is flase.
G. Value ---- indicates the Cookie Value.
H. Values ---- A NameValueCollection that represents all key and value pairs stored in the Cookie dictionary

Ii. Use Session Status)
 
By default, a session Cookie is automatically added to the browser when a user visits the web site of ASP. NET for the first time. This Cookie

The name is _ ASP. NET_SessionID, which will track the user by visiting the Web site later.

1. Notes for using Session
A. Any items added to the session console will exist until the user closes the browser or the user has not accessed the page for more than 20 minutes.

.
B. The Session exists in the memory of the server, and the Session of each user is different.
C. The Session can store any data type and the size is unlimited.

2. Process session events (in the Global. asax file)

Session_Start: when the session starts
Session_End: The Session ends (when the browser is closed normally or the Session times out). You can use Session. Abandon () to end the Session.
 
3. Disable Session by using Page. EnableSessionState = fasle.

3. Cookie-independent sessions (put cookies in URLs ...)
 
Set Tracing sessions to Web. Config
<Configuration>
<System. web>
<SessionState cookieless = "true"/>
</System. web>
</Configuration>

Restriction: When redirecting to a URL, you can only use the relative path
For example:
<A href = "xx. aspx"> xx </a>
<A href = "yy/xx. aspx"> xx </a>
<A href = ".../xx. aspx"> xx </a>
The above links are redirected normally.
<A href = "/xx. aspx"> xx </a>
<A href = "http://xx.aspx"> xx </a>
The two links will lose the session status.