Session is a period of time defined between a web application and a user. There is an individual session for each user browsing a web application. A session can be used to place value/objects in it. I could be an alternative use of cookies.
Session contains a key, which help to assign a value to it. A user can have multi session, for example:
Session for username, session for IP, session for user behavior, and so on.
A session timeout can be defined in the application by adding it to the web config file. A session can be clear by the application itself, or simply after the timeout elapse.
Here are examples of how session works, written in C#:
Session[“Username”] = “user1” ;// store a value in the Username session Session[“IPAddress”] = ”198.168.11.11” ;// Store a value in IPAddress session Session[“Username”] = null ; // Clear a Session variable Session.Abandon(); // Clear all sessions variables
To set a session timeout, look for the following in your web config file:
<sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" cookieless="true" timeout="20" />Now you can alter the timeout and put the number that you find appropriate for your application. The 20 in the above example represent 20 minutes of timeout.
