Last post Mar 10, 2015 10:04 PM by Krunal Parekh
Mar 10, 2015 06:26 AM|pathipati|LINK
Is there any difference between the ASP.NET Session (HttpSessionStateBase) and browser session (default session id between the browser and IIS).
Mar 10, 2015 06:38 AM|AidyF|LINK
I don't really know what you mean by "browser session", but the answer is probably "yes". The session state itself is held on the server and the session's id is held in a cookie on the client. That cookie is sent with each request which lets IIS know which
session is valid for that user. HttpSessionBase is a base class that lets you create objects that act like the session.
Mar 10, 2015 09:29 AM|siva_sm|LINK
Both are same. Technically, browsers don't maintain any session per-se; it is the server (here, ASP.NET) that maintains sessions and identifies each session with a session ID. This is the session ID that is passed to the browser.
Mar 10, 2015 10:04 PM|Krunal Parekh|LINK
Web is stateless, which means a new instance of a web page class is re-created each time the page is posted to the server. As we all know, HTTP is a stateless protocol, it can't hold client information on a page. If the user inserts some
information and move to the next page, that data will be lost and the user would not be able to retrieve that information. Session provides a facility to store information on server memory. It can support any type of object to store along with our own custom
objects. For every client, session data is stored separately, which means session data is stored on a per client basis.
ASP.NET uses an 120 bit identifier to track each session. This is secure enough and can't be reverse engineered. When a client communicates with a server, only the session ID is transmitted between them. When the client requests for data, ASP.NET looks
for the session ID and retrieves the corresponding data.
Hope this clarifies what you want to know.