2

I have a weird issue with session variables. I'm storing some credentials in sessions variables like this:

Session["login"] = "foo";
Session["password"] = "oof";

The page is deployed on a certain server. After I logged in on the page, I noticed that other users (who are in the same network area) calling the page were logged in as well! I thought those data would be stored only for me (I suppose the server sends me back some cookies to ensure that) but that's not the case?

I certainly have a lack of knowledge somewhere. What's going on?

Thanks

Improve this question
3
  • 6
    Anything that is in your session certainly shouldn't be visible to others so I'd look outside of this for a problem. If needs be write simple web pages that store a session value unique to a user (eg IP address assuming you're not goign through a proxy) and another that displays it. This should allow you to prove whether or not session is being shared as you describe. I think its more likely that your code is doing something wrong somewhere else though (eg storing something in application state or on a static variable somewhere). Commented Aug 4, 2010 at 10:06
  • Yes I think that too. I'm investigating the issue.Thanks. Commented Aug 4, 2010 at 10:10
  • 1
    Found it. The origin of this problem was a global variable in the code behind :/ Commented Aug 4, 2010 at 10:26

2 Answers 2

Reset to default
1

I wouldn't recommend storing a password in a session variable for security purposes. If you must use a session variable, do not store the password in clear text. Use some encryption method instead.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Check your web.config

http://msdn.microsoft.com/en-us/library/h6bb9cz9.aspx

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.