I gave a first glance at your link and it's intriguing :) Just 2 things I don't understand:
"Implements caching of the principal on the server side (aka session mode) if configured in an AppSetting."
Why cache if you can access the cookie? To avoid let's say 16/20kb roundtrip on the wire right? Does it use sessions to cache?
OT: One question (since you've been so kind with me in the other posts too!) is an empty asp.net session 5kb as it used to be in classic asp or an empty session would just be some bytes for the sessionid?
The second things I'm concerned about is the multiple cookies. Shouldn't be 4kb TOTAL per domain considered safe? Or the actual browser will tolerate multiple 4kb cookies? (btw this won't be an issue since I won't exceed the 4kb limit for my purprose)
manight
Member
59 Points
60 Posts
Re: Using cookies for custom role provider
Apr 29, 2012 06:24 PM|LINK
I gave a first glance at your link and it's intriguing :) Just 2 things I don't understand:
"Implements caching of the principal on the server side (aka session mode) if configured in an AppSetting."
Why cache if you can access the cookie? To avoid let's say 16/20kb roundtrip on the wire right? Does it use sessions to cache?
OT: One question (since you've been so kind with me in the other posts too!) is an empty asp.net session 5kb as it used to be in classic asp or an empty session would just be some bytes for the sessionid?
The second things I'm concerned about is the multiple cookies. Shouldn't be 4kb TOTAL per domain considered safe? Or the actual browser will tolerate multiple 4kb cookies? (btw this won't be an issue since I won't exceed the 4kb limit for my purprose)