Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How does server recognise new session?

Status
Not open for further replies.
tty0

tty0

Programmer
Nov 13, 2002
108
GB
Ayup peeps,

Pure curiosity! but just recently i noticed our server was assigning a new session every time a page was refreshed instead of every time a new user came on the site.

the new user being me (firewalled)

once i changed the firewall settings to trusted it was assigning a new session only when it was supposed to and not every time i refreshed.

Now I know the firewall was set to block cookies but when i set it to trusted top allow cookies it worked ok. So on the surface it looks like a cookie thing.

What i dont understand is the site does not use cookies, instead i have used session variables so there is no cookie passed.... so why does blocking cookies stop the server keeping session? Does it start the session by checking the headers?????

cheers chaps n chapasses 'mi casa es su casa'
]-=tty0=-[
ICQ:82621399
 
Sort by date Sort by votes
Your right! asp uses a cookie to store the session id. The cookie only lasts as long as the session. Get the Best Answers! faq333-2924
Is this an asp FAQ? faq333-3048

mikewolf@tst-us.com
 
Upvote 0 Downvote
Session id and variables are stored in form of cookies !!!! Water is not bad as long as it stays out human body ;-)
 
Upvote 0 Downvote
Yep, just to clarify for furture readers, the session id is kept in a cookie on the client browser. The actual session variables are then stored on the server (RAM) and the id assigned to the client is what is used to tie that particular client to a collection of variables in storage. If the user doesn't have a cookie with a session id than the system grants them one, assuming this is there first visit for this session. If the client is blocking cookies, than in effect they will be starting a new session with every page they view because the server can't give them their sessionID.

-Tarwn ________________________________________________________________________________
Sometimes it is how you ask the question: faq333-2924
Many ASP questions have already been answered, please check faq333-3048 and use the search tool before posting
 
Upvote 0 Downvote
There used to be an ISAPI called cookie-monster. It will substituted cgi parms where cookies would otherwise be used, parsing outbound HTML adding the session info as a cgi parm (e.g. somepage.asp?sessionid=12345) on the way out and removing it on the way but adding cookie headers as if the user had sent them.

This was popular back when webmaster and sysadmins had response to irrational fears about what a server keeping tabs on it's user might imply. Thank goodness we live in more enlightened times these days [wink]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

leifoet
  • Locked
  • Question
Code does not run in Microsoft Edge - it does in Google Chrome
Replies
3
Views
920
leifoet
leifoet
leifoet
  • Locked
  • Question
How to send HTML emails with ASP classic?
Replies
0
Views
748
leifoet
leifoet
leifoet
  • Locked
  • Question
How to check if a datatable is empty ?
Replies
0
Views
539
leifoet
leifoet
leifoet
  • Locked
  • Question
How to link a condition to a session("UID") ?
Replies
14
Views
753
leifoet
leifoet
bslintx2021
  • Locked
  • Question
How to configure IIS 10 server to allow Classic ASP to connect to MSSQL server database on a domain
Replies
1
Views
1K
penguinspeaks
penguinspeaks

Part and Inventory Search

Sponsor

Back
Top