ASP.NET Developer's JumpStart By Paul D. Sheriff, Ken Getz
Table of Contents
Chapter 23. State Management in ASP.NET
If you know you will be using a Web farm (described in the next section) or you do not want to take a chance on using cookies, you can configure ASP.NET to run without using cookies. You will still be able to use the Session object, but a memory cookie will not be generated. You can accomplish this by changing the Cookieless attribute in the SessionState setting in the Web.Config file associated with the project from False to True. Once you've set this option to True, the SessionID value is added to the URL as shown in the following example:
The additional text (pe5t…) added to the URL contains the session ID value. IIS uses this number as the session ID when this page is resubmitted back to the server. If you are using any hyperlink elements or <Form Action=""> tags in your HTML, .NET will add this session ID to each of these HTML tags as well. This works for all pages in your Web site, regardless of whether they are HTML or ASPX pages.
To enable cookieless sessions, you need to make one change in the Web.Config file in your ASP.NET application. Follow these steps to enable a cookieless session:
Open your application's Web.Config file in the Visual Studio .NET editor.
Locate the <sessionState> XML element.
Change the Cookieless attribute from false to true, as shown here:
Once you have done this, run the application again and watch the URL. You will see a session ID appear with each page that is displayed. This ID is appended to each and every call to any page in this Web site. The ASP.NET engine handles all the details of sending this ID back to the Session object.