Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Jan 29, 2013 09:58 AM by rimagandhi
Jan 28, 2013 06:14 PM|LINK
When user is authenicated Asp.net creates cookie which contains authentication ticket and that ise sent to browser along with the response.
When user again reuest any other page of the same website, cookie is sent to server along with the request. My question is that where does cookie stored on server when user logs in first time?
Jan 28, 2013 06:25 PM|LINK
depends on the browser that sends the request and the operating system. the cookies are saved in the same place, it doesn't matter if the site is ASP.NET or not. u can google it for exact path, since it's different on each operating system. for example,
internet explorer on win 7:
Jan 28, 2013 06:37 PM|LINK
Thanks for the reply HJ...I am not asking about browser machine..I want to know where does it reside on web server...Probably my understanding might be wrong...I am explaing my question in detail..Coorrect me if I am wrong...
I know that when user is authenticated, Asp.net generate some ticket and stored it in cookie and send to browser. Now during subsequent request cookie is sent by client to browser and server checks that authentication ticket. My question is that how server
desides wheather that authentication ticket is valid or not?
Jan 28, 2013 06:44 PM|LINK
that ticket is not stored on server as a cookie. it is stored in a session object(ram memory). cookies are client side only!
Jan 28, 2013 07:41 PM|LINK
<forms name=".CookieName" loginUrl="LoginPage.aspx" />
Whenever request comes, asp.net try get cookie from request (name is static located in web.config form tag (default
Note : Cookie encrypected using machine key.
Jan 29, 2013 03:15 AM|LINK
Cookies is always stored in client
Jan 29, 2013 06:34 AM|LINK
cookie is an object that is stored on the client-side only. If you want it to be stored on the server-side, you have to use cookie instead.
For details, please see
Please mark this response as an "answer" if it helps you. Thanks heaps!
Jan 29, 2013 09:58 AM|LINK
First (step 1), the web client requests a page from the server. Because the client has not visited the server before, it does not have a cookie to submit.
When the web server responds to the request (step 2), the web server includes a cookie in the response; this cookie is written to the user’s browser or file system.
The web client then submits that cookie with each subsequent request for any page on the same site
(steps 3 and 4, and any future page views).