Last post Jan 31, 2016 02:59 PM by micah2012
Jan 09, 2016 03:11 PM|micah2012|LINK
Jan 09, 2016 07:59 PM|Mikesdotnetting|LINK
In classic ASP, session was the main means to manage authentication. ASP.NET introduced new more convenient APIs for managing authentication - the MembershipProvider. A lot of developers continued to use session despite that.
Default session relies on memory as a store. If the application is restarted for any reason (e.g. app pool recycling, changes to the web config, redeployment), sessions are cleared so users have to log in again.
Jan 11, 2016 10:01 AM|micah2012|LINK
Jan 11, 2016 10:16 AM|Mikesdotnetting|LINK
Jan 11, 2016 10:23 AM|PatriceSc|LINK
Try HttpContext.Current.User.Identity.Name which should return the authenticated user account name regardless of which authentication method is used. Also if using your own custom code to handle authentication, try to use instead what ASP.NET provides out
of the box.
Knowing which .NET version and which authentication method you are using would help to guide you if you need further help.
Session can still be used but preferably for small, frequently needed information that are costly to fetch (so here you already have the information without "caching" it into the session). Also it is best to not access session information directly but to
use that as a storage backend "cache" so that if the session ends, the missing information will be just restored to a new session rather than causing an exception because it is not found any more.
Jan 31, 2016 02:59 PM|micah2012|LINK