How to create variable that is accessible to all pages?
-
Hi How do you create variable that is accessible to all pages? I need to create variables to store username and password. I have tried using session variable, but session variable have a timeout. thank you
mayl wrote:
I have tried using session variable, but session variable have a timeout.
Then increase the time out. Remember that many many user sessions could be running simultaneously one one web application. If you store the values globally then everyone suddenly is logged in as the same person - A bit of a security risk I would hope you'll agree. The Session object is the correct place for storing data that is needed on each web page and across the lifetime of the [user] session. ColinMackay.net Scottish Developers are looking for speakers for user group sessions over the next few months. Do you want to know more?
-
mayl wrote:
I have tried using session variable, but session variable have a timeout.
Then increase the time out. Remember that many many user sessions could be running simultaneously one one web application. If you store the values globally then everyone suddenly is logged in as the same person - A bit of a security risk I would hope you'll agree. The Session object is the correct place for storing data that is needed on each web page and across the lifetime of the [user] session. ColinMackay.net Scottish Developers are looking for speakers for user group sessions over the next few months. Do you want to know more?
How do you configure the session variables to expire only when the user close his/her browser instead of setting a time limit? I'm trying to impersonate this user/password, that are stored in the seesion variables, to execute a specific section of code. If the user stays idle for more than the session timeout, the impersonation does not work. thank you
-
How do you configure the session variables to expire only when the user close his/her browser instead of setting a time limit? I'm trying to impersonate this user/password, that are stored in the seesion variables, to execute a specific section of code. If the user stays idle for more than the session timeout, the impersonation does not work. thank you
Since web browsers do not notify the server when they are closed you cannot. You could persist this information (in an encrypted form) in a cookie that is stored on the user's PC. ColinMackay.net Scottish Developers are looking for speakers for user group sessions over the next few months. Do you want to know more?