Is using sessions is mandatory to create login pages?

Question

0.00/5 (No votes)

See more:

I am studying asp.net myself these days and i am really confused about how to make login page. i have checked plenty of codes on internet but at all are without session. some one told me that session is essential for login page please help. Do session are essential for login page. some of the demo require.
where the session variable values store in DB?

Posted 26-Jun-13 19:07pm

Muhamad Faizan Khan

Updated 26-Jun-13 19:09pm

Mohammed Hameed

v2

Add a Solution

5 solutions

Solution 4

Session is not mendatory for login page. If you use Forms Authentication[^],then there wont be any need to generate session.

:doh:[Edit]:
Login page without session[^]

Session is stored on server side. It have its own Adv. and disadv.

Advantages:

-It helps maintain user state and data all over the application.
-It is easy to implement and we can store any kind of object.
-Stores client data separately.
-Session is secure and transparent from the user.

Disadvantages:

-Performance overhead in case of large volumes of data/user, because session data is stored in server memory.
-Overhead involved in serializing and de-serializing session data, because in the case of StateServer and SQLServer session modes, we need to -Serialize the objects before storing them.

Further,session also have expiration behaviour,so you also have to take care of that.

Whereas,in forms authentication,on successful login,ticket will be generated and each time page postsback,this ticket will be verified to ensure the authorised user.

Feel free to ask if you still have any doubts.

Regards.. :laugh:

Posted 26-Jun-13 20:11pm

Thanks7872

Updated 26-Jun-13 20:28pm

v5

Comments

Orcun Iyigun 27-Jun-13 2:41am

My 5.

Thanks7872 27-Jun-13 2:42am

Thanks Orcun..!

Solution 1

Hi,

Session is very important when you are making login functionality....
Session provides security to aspplication
When we logout from application then Session becomes clear and no other person can see our profile or our Data.....

Session provides identification also....

like WELCOME MR. XYZ....in our application.
Here sime of links ...visit it

http://www.devmanuals.com/tutorials/ms/aspdotnet/login.html[^]

http://forums.asp.net/t/1905217.aspx/1?login+with+admin+n+user+c+[^]

Posted 26-Jun-13 19:27pm

Nirav Prabtani

Solution 2

Session is easy and secure way for login;

Now, If your purpose is to store the login time log,
Then it is easy to store in one table with date time with user agent.

An If you are think of load balancing for webservers and SQL servers.
And your website is superiorly secure at that time you need to store session state in DataBase
For Ref :
http://support.microsoft.com/kb/317604[^]

Posted 26-Jun-13 19:36pm

vivek.bagdai

Updated 27-Jun-13 1:21am

v2

Solution 3

If you are new at the asp.net then please study the state management techniques posted in following blog
http://thakkermukund.wordpress.com/2013/06/27/state-management/[^]

It can give you idea of managing your user's state information by either ways.

Posted 26-Jun-13 20:06pm

Mukund Thakker

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Jithin Geroge · Accepted Answer · 2013-06-26T21:06:00

Solution 5

Session not mandatory for login .
you can also use cookies to store login user information . Cookies will decrees the server load.
But cookies is not secure as session.Its your choice which to use . Nothing is mandatory.

Posted 26-Jun-13 21:06pm

Jithin Geroge