Anonymous identification is another new feature in ASP.NET 2.0.
The goal of the feature is to provide a unique identification to
users that are not authenticated. The feature is not tied in any
way to security but is rather a simple mechanism to assign a
Anonymous identification is not enabled by default. To enable it you must either add an entry to your web.config file or modify machine.config . Below is a web.config that enables the anonymous identification feature:
<configuration> <system.web> <anonymousIdentification enabled="true" /> </system.web> </configuration>
Enabling the feature is simple. There are, however, several other attributes that can be set, as shown in Listing 7.8.
Listing 7.8 Configuring Anonymous Identification
configuration> <system.web> <anonymousIdentification enabled="true" cookieName=".ASPXANONYMOUS" cookieTimeout="100000" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="None" cookieless="UseCookies" /> </system.web> </configuration>
As you can see, there is a
used to enable the feature. When enabled, anonymous identification
will use a cookie to store the anonymous ID. If you do not wish to
use a cookie or do not know if the end
(shown in the listing above) is the
recommended choice. This option is less
Once anonymous identification is enabled, unauthenticated
The anonymous ID is accessed through the new Request.Anonymous Id property. Although the anonymous ID is a GUID, the ASP.NET team decided to make the return value type string more users are familiar with working with string than GUIDs.
Anonymous Identification Events
Two events are raised by anonymous identification.
As we'll see shortly, the AnonymousIdentification_OnRemove event is important since we use it in conjunction with Personalization to allow for the migration of anonymous personalization data.