473,486 Members | 2,493 Online
Bytes | Software Development & Data Engineering Community
Create Post

Home Posts Topics Members FAQ

Where does IIS and ASP.Net save Authentication info? (sessionState mode="SQLServer")

Hi,

I've successfully setup my machine to use: sessionState mode="SQLServer".
All is up and running so no problems so far. Because I curious person, I
started to play around with the two new tables created on my SQLServer.

Here is what I've done.

1. I've created a web projectec consisting of two webforms. The first form
(default.aspx) is my testform and it doesn't do much at all. (Actually it
displays the time when you press a button).

2. The second form (login.aspx) handles login requests. If you press a
button then the following code fires:

FormsAuthentication.RedirectFromLoginPage("MyUser" , false);

3. I've allso setup my web.config file as following:

<authentication mode="Forms">
<forms
loginUrl = "Login.aspx"
name = ".ASPXFORMSAUTH"
protection ="All"
timeout ="20"/>
</authentication>
<authorization>
<deny users="?" /> <!-- Allow all users -->
</authorization>

4. So basically I have a project that doesn't do much at all. Now to my
test. I start my application by requesting the default.aspx and gets
redirected to the login page. I login by pressing the button (as mentioned
above) and I'm back at the first page (default.aspx) and can watch the time
as I press a button.

5. So what I would like as an administrator of this application is to logoff
this user. I thought I could go into the table ASPStateTempSessions and
delete the corresponding row (or all rows to logoff all users) BUT if I do
that, then the user still remains loggedin and can still watch the clock
change as he clicks the button?!?!?
So what i've done is to remove all information in the to tables
ASPStateTempApplications and ASPStateTempSessions.

6. So the user can still click the button and see what time it is (through
the button on default.aspx) and if look in the table ASPStateTempSessions,
the session Id is back and as it seems, the user is still logged on to my
web site?!?!

Now to my questions:
* Doesn't IIS and ASP.NET store authentication information such as UserId in
the session variables?
* If I delete all session information shouldn't the user be logged out?
* Where does IIS and ASP.NET store authentication information if I use
sessionState mode="SQLServer"?

/Kristofer
Nov 17 '05 #1
0 2169
Create Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
10
2391
where to save user settings in an app
by: Dica | last post by:
i've got an app that needs to connect to sql server and login with a useName/password. currently, my app saves this info in an XML file in plain text (i.e. no encryption). everytime the app is...
C# / C Sharp
1
3474
Session Expired (sessionState mode="SQLServer")
by: TSelvan | last post by:
Hi All, We have developmented Web project with ASP.Net and SQL server Database. In this project we have configured "SessionState" mode as "SQLServer" in Web.Config with timeout="180" as...
ASP.NET
2
1719
SessionState "StateServer" serialization ...
by: Ashish | last post by:
Iam trying the out of state session management for the first time, trying to convert a big project to be adaptable to both type of session management .. what i see that it is trying to serialize...
ASP.NET
1
3559
How to "deserialize" session contents??
by: Sidney Pecul | last post by:
I setup the SessionState (out-of-process in SQLServer). I can query ASPState..ASPStateTempSessions table. However, "SessionItemShort" content is serialized. Is it a way to "deserialize" ...
ASP.NET
1
1404
sessionState mode="SQLServer" similar for non-msSQL databases.
by: Craig | last post by:
I'm planning on persisting sessionState in a database (not MS SQL). Is there a way to do this using the web.config file? I see that you can set the sessionState mode="SQLServer" to persist to a...
ASP.NET
10
4029
Windows Authentication through Active Directory
by: Hriday | last post by:
Hi there, Please help me..It is urgent This is Hriday, working on windows authentication with Active Directory... My requirment is when a user sends a request to my web Applicatoin I want to...
Visual Basic .NET
1
1137
"Leaky" SessionState
by: fathelga | last post by:
We have a site that holds data about the user in session while they are logged in. Everyone once in a while a user will log in and see someone else's session state. Has this happened to anyone...
ASP.NET
4
9523
2.0: "Debugging failed because integrated Windows authentication in not enabled."
by: R.A.M. | last post by:
Hello, I am writing my first ASP.NET application (I use .NET 2.0, Visual Web Developer 2005 Express Edition and SQL Server 2005 Express Edition). The application builds successfully but when I try...
.NET Framework
3
3439
session expiry when using sessionState mode="SQLServer"
by: Moe Sisko | last post by:
Using dotnet 2.0 sp1, I've got ASP.NET session state working ok in SQLServer mode, but the sessions never seem to expire. e.g if I add a timeout attribute like so : <sessionState...
ASP.NET
0
7105
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
6967
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
7180
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
1
6846
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
7341
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
5439
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
3071
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
0
1381
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
C# / C Sharp
0
266
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us