Reputation: 30385
Problem with Sessions in ASP .NET
I have a weird issue with session variables. I'm storing some credentials in sessions variables like this:
Session["login"] = "foo";
Session["password"] = "oof";
The page is deployed on a certain server. After I logged in on the page, I noticed that other users (who are in the same network area) calling the page were logged in as well! I thought those data would be stored only for me (I suppose the server sends me back some cookies to ensure that) but that's not the case?
I certainly have a lack of knowledge somewhere. What's going on?
Thanks
Upvotes: 2
Views: 310
Answers (2)
Reputation: 67
Check your web.config
http://msdn.microsoft.com/en-us/library/h6bb9cz9.aspx
Upvotes: 0
Reputation: 730
I wouldn't recommend storing a password in a session variable for security purposes. If you must use a session variable, do not store the password in clear text. Use some encryption method instead.
Upvotes: 1