0

I am all clear About the Practical use of cookies and Sessions . but I am still not clear why cookies are created in Asp .net when it has less values and limitation then session ...

Is it any scenario where only Cookies can be used and No other State Management can be used ?

Kul-Tigin
  • 16,728
  • 1
  • 35
  • 64
Neeraj Verma
  • 2,174
  • 6
  • 30
  • 51
  • The usage of cookies is mostly minimal one way or another. Without cookies you wouldn't be able to identify a client and map a session either. – Dbl Jun 09 '16 at 15:33
  • HTTP protocol is inherently stateless, and cookie is designed to make up this issue. Meanwhile, sessions are impossible without cookie (session cookie). With ASP.NET session cookie (named `ASP.NET_SessionId` by default) is set by server on client, then client sends this cookie back to the server with each request to identify its session. – Alex Kudryashev Jun 09 '16 at 15:46
  • See the difference http://stackoverflow.com/questions/623815/what-is-the-difference-between-a-session-and-a-cookie – Abdul Jun 14 '16 at 12:16
  • Does this answer your question? [What is the difference between a Session and a Cookie?](https://stackoverflow.com/questions/623815/what-is-the-difference-between-a-session-and-a-cookie) – Stephen Ostermiller Feb 10 '23 at 11:32
  • Does this answer your question? [Cookies vs. sessions](https://stackoverflow.com/questions/6253633/cookies-vs-sessions) – mousetail Feb 10 '23 at 11:38

1 Answers1

1

There are three different Session States:

  1. Client Session State allows session information to be hold on client (also known as cookies). This helps reduce the overhead of holding too much information on server side and allows client to control session's life cycle. Say if you restart Server, cookies is still on client. The cons is the cookies can be visible to curious users and client has to include it in every request to server.
  2. Server Session State stores session on server side. This provides the fastest access to session from server code logic and protects sensitive session information. But it will be flushed on server crashes or shutdown.
  3. Database Session State holds session in Database. This offers more durable Session and also helps you protect user's sensitive session information. But it's slower than 2 and costs more to implement.

Hope this helps.

Robo
  • 612
  • 3
  • 7