This is an interview question asked a month ago….
Do session use cookies? If so,how do they do so?
Assume Session["UserId"]=1 how does this session variable uses cookies internally? If so, what will be the name of the cookie and what is the value of that cookie….
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
Whilst the data its self is stored on the server (or in SQL if configured that way), there needs to be a way to associate session data with specific users.
By default this is done with a cookie, but you can configure cookieless in which case the unique id is stored in the URL.
From Microsoft:
ASP maintains session state by providing the client with a unique key assigned to the user when the session begins. This key is stored in an HTTP cookie that the client sends to the server on each request. The server can then read the key from the cookie and re-inflate the server session state.
http://msdn.microsoft.com/en-us/library/ms972429.aspx
Method 2
Every session will have SessionID. And Session ID is a unique number, server assigns to a specific user, during his visit(session). And defaultely, session ID is attached to a cookie and this cookie will be shared from client to server (and server to client) during its requests/responses. And server will identify session based on session id which is retrieved from cookie.
And regarding cookieless, if your browser doesnt support cookie or disabled, then cookieless will be used. Since it is Cookieless, asp.net can not create a cookie to save session id. Instead, the session id will be passed in query string…
Method 3
Yes, by default ASP.NET Session use cookies. As you said this is a frequented ASP.NET Interview Question , you can check this video how to answer the same and also it has other cross questions asked around this topic.
But now for the long answer.
So the way it works. First thing to note is that the actual data is stored in session. Client has the cookie which stores the sessionid.Sessionid is like a ID to attach for this client whats the corresponding data stored in the session.
When client makes a call he sends the cookie (sessionid) and using that sessionid , state is restored from the session variables.
Method 4
Yes, Session management is done using a kind of session-id i.e. cookies. cookies maintained in the browser help backend to identify users.
If you access an application from two browsers of same machine then two cookies will be maintained where each browser is a separate user for Asp.Net backend application
Method 5
no, stored on server somewhere in tmp folder.
sessions are serverside, cookies are client side.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0