ISessionIDManager.SaveSessionID(HttpContext, String, Boolean, Boolean) Method

Reference

Definition

Namespace:: System.Web.SessionState

Assembly:: System.Web.dll

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Saves a newly created session identifier to the HTTP response.

public:
 void SaveSessionID(System::Web::HttpContext ^ context, System::String ^ id, [Runtime::InteropServices::Out] bool % redirected, [Runtime::InteropServices::Out] bool % cookieAdded);

public void SaveSessionID (System.Web.HttpContext context, string id, out bool redirected, out bool cookieAdded);

abstract member SaveSessionID : System.Web.HttpContext * string * bool * bool -> unit

Public Sub SaveSessionID (context As HttpContext, id As String, ByRef redirected As Boolean, ByRef cookieAdded As Boolean)

Parameters

context: HttpContext

The current HttpContext object that references server objects used to process HTTP requests (for example, the Request and Response properties).

id: String

The session identifier.

redirected: Boolean

When this method returns, contains a Boolean value that is true if the response is redirected to the current URL with the session identifier added to the URL; otherwise, false.

cookieAdded: Boolean

When this method returns, contains a Boolean value that is true if a cookie has been added to the HTTP response; otherwise, false.

Examples

The following code example shows a partially implemented SaveSessionID method. If your custom session-ID manager supports cookieless session identifiers, you will need to implement a solution for sending and retrieving session identifiers in the URL, such as an ISAPI filter.

public void SaveSessionID(HttpContext context, string id, out bool redirected, out bool cookieAdded)
{
  redirected = false;
  cookieAdded = false;

  if (pConfig.Cookieless == HttpCookieMode.UseUri)
  {
    // Add the SessionID to the URI. Set the redirected variable as appropriate.

    redirected = true;
    return;
  }
  else
  {
    context.Response.Cookies.Add(new HttpCookie(pConfig.CookieName, id));
    cookieAdded = true;
  }
}

Public Sub SaveSessionID(context As HttpContext, _
                         id As String, _
                         ByRef redirected As Boolean, _
                         ByRef cookieAdded As Boolean) _
  Implements ISessionIDManager.SaveSessionID

  redirected = False
  cookieAdded = False

  If pConfig.Cookieless = HttpCookieMode.UseUri Then

    ' Add the SessionID to the URI. Set the redirected variable as appropriate.

    redirected = True
    Return
  Else
    context.Response.Cookies.Add(New HttpCookie(pConfig.CookieName, id))
    cookieAdded = True
  End If
End Sub

Remarks

The SaveSessionID method is called by the SessionStateModule object during the HttpApplication.AcquireRequestState event. The SaveSessionID method stores the session identifier either in the URL (when cookieless session state is used) or in a non-expiring session cookie.

If it is possible that the value returned from your CreateSessionID implementation contains characters that are not valid in an HTTP response or request, you should use the UrlEncode method to encode the session-identifier value in your SaveSessionID method implementation and the UrlDecode method to decode the session-identifier value in your GetSessionID method implementation.

Applies to

Share via