1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
|
<?xml version="1.0" encoding="utf-8"?>
<Type Name="SessionIDManager" FullName="System.Web.SessionState.SessionIDManager">
<TypeSignature Language="C#" Value="public class SessionIDManager : System.Web.SessionState.ISessionIDManager" />
<AssemblyInfo>
<AssemblyName>System.Web</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<Base>
<BaseTypeName>System.Object</BaseTypeName>
</Base>
<Interfaces>
<Interface>
<InterfaceName>System.Web.SessionState.ISessionIDManager</InterfaceName>
</Interface>
</Interfaces>
<Docs>
<remarks>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>The <see cref="T:System.Web.SessionState.SessionIDManager" /> class is an HTTP module that manages unique session identifiers for use with ASP.NET session state. The unique identifier for an ASP.NET session is the <see cref="P:System.Web.SessionState.HttpSessionState.SessionID" /> property, which can be accessed from the <see cref="P:System.Web.HttpContext.Session" /> property of the current <see cref="T:System.Web.HttpContext" /> or <see cref="T:System.Web.UI.Page" />. The ASP.NET session identifier is a randomly generated number encoded into a 24-character string consisting of lowercase characters from a to z and numbers from 0 to 5.</para>
<para>By default, the <see cref="P:System.Web.SessionState.HttpSessionState.SessionID" /> value is sent in a cookie with each request to the ASP.NET application. The name of the cookie that contains the <see cref="P:System.Web.SessionState.HttpSessionState.SessionID" /> value is ASP.NET_SessionId by default. You can configure a different cookie name by setting the cookieName attribute of the <format type="text/html"><a href="bda6fb8c-0076-43e3-9ce2-8cf1f8bdaa7d">sessionState Element (ASP.NET Settings Schema)</a></format> to the desired cookie name.</para>
<para>If you want to disable the use of cookies in your ASP.NET application and still make use of session state, you can configure your application to store the session identifier in the URL instead of a cookie by setting the cookieless attribute of the sessionState element to true in the Web.config file for your application. For more information, see the <see cref="P:System.Web.SessionState.HttpSessionStateContainer.IsCookieless" /> property.</para>
</remarks>
<summary>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>Manages unique identifiers for ASP.NET session state.</para>
</summary>
</Docs>
<Members>
<Member MemberName=".ctor">
<MemberSignature Language="C#" Value="public SessionIDManager ();" />
<MemberType>Constructor</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<Parameters />
<Docs>
<remarks>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>This constructor is not intended to be called from application code.</para>
<para>ASP.NET calls this constructor to create an instance of the <see cref="T:System.Web.SessionState.SessionIDManager" /> class. After calling the constructor, ASP.NET calls the <see cref="M:System.Web.SessionState.SessionIDManager.Initialize" /> method to initialize the new <see cref="T:System.Web.SessionState.SessionIDManager" /> object.</para>
</remarks>
<summary>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>Creates an instance of the <see cref="T:System.Web.SessionState.SessionIDManager" /> class.</para>
</summary>
</Docs>
</Member>
<Member MemberName="CreateSessionID">
<MemberSignature Language="C#" Value="public virtual string CreateSessionID (System.Web.HttpContext context);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.String</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="context" Type="System.Web.HttpContext" />
</Parameters>
<Docs>
<remarks>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>This method is not intended to be called from application code.</para>
<para>The <see cref="M:System.Web.SessionState.SessionIDManager.CreateSessionID(System.Web.HttpContext)" /> method returns a unique session identifier that is a randomly generated number encoded into a 24-character string consisting of lowercase characters from a to z and numbers from 0 to 5.</para>
</remarks>
<summary>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>Creates a unique session identifier for the session.</para>
</summary>
<returns>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>A unique session identifier.</para>
</returns>
<param name="context">
<attribution license="cc4" from="Microsoft" modified="false" />The current <see cref="T:System.Web.HttpContext" /> object that references server objects used to process HTTP requests (for example, the <see cref="P:System.Web.HttpContext.Request" /> and <see cref="P:System.Web.HttpContext.Response" /> properties).</param>
</Docs>
</Member>
<Member MemberName="Decode">
<MemberSignature Language="C#" Value="public virtual string Decode (string id);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.String</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="id" Type="System.String" />
</Parameters>
<Docs>
<remarks>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>This method is not intended to be called from application code.</para>
<para>This method is used internally by the <see cref="T:System.Web.SessionState.SessionIDManager" /> class to decode custom <see cref="P:System.Web.SessionState.HttpSessionState.SessionID" /> values created by classes that inherit the <see cref="T:System.Web.SessionState.SessionIDManager" /> class and override the <see cref="M:System.Web.SessionState.SessionIDManager.CreateSessionID(System.Web.HttpContext)" /> and <see cref="M:System.Web.SessionState.SessionIDManager.Validate(System.String)" /> methods. To ensure the fidelity of a custom session-identifier value retrieved from the HTTP request by the <see cref="M:System.Web.SessionState.SessionIDManager.GetSessionID(System.Web.HttpContext)" /> method, the <see cref="T:System.Web.SessionState.SessionIDManager" /> decodes the custom value using the <see cref="Overload:System.Web.HttpUtility.UrlDecode" /> method.</para>
</remarks>
<summary>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>Decodes a URL-encoded session identifier obtained from a cookie or the URL.</para>
</summary>
<returns>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>The decoded session identifier.</para>
</returns>
<param name="id">
<attribution license="cc4" from="Microsoft" modified="false" />The session identifier to decode. </param>
</Docs>
</Member>
<Member MemberName="Encode">
<MemberSignature Language="C#" Value="public virtual string Encode (string id);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.String</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="id" Type="System.String" />
</Parameters>
<Docs>
<remarks>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>This method is not intended to be called from application code.</para>
<para>This method is used internally by the <see cref="T:System.Web.SessionState.SessionIDManager" /> class to encode custom <see cref="P:System.Web.SessionState.HttpSessionState.SessionID" /> values created by classes that inherit the <see cref="T:System.Web.SessionState.SessionIDManager" /> class and override the <see cref="M:System.Web.SessionState.SessionIDManager.CreateSessionID(System.Web.HttpContext)" /> and <see cref="M:System.Web.SessionState.SessionIDManager.Validate(System.String)" /> methods. To ensure the fidelity of a custom session-identifier value stored in the HTTP response by the <see cref="M:System.Web.SessionState.SessionIDManager.SaveSessionID(System.Web.HttpContext,System.String,System.Boolean@,System.Boolean@)" /> method, the <see cref="T:System.Web.SessionState.SessionIDManager" /> encodes the custom value using the <see cref="Overload:System.Web.HttpUtility.UrlEncode" /> method.</para>
<para>For an example of a class that inherits the <see cref="T:System.Web.SessionState.SessionIDManager" /> class and overrides the <see cref="M:System.Web.SessionState.SessionIDManager.CreateSessionID(System.Web.HttpContext)" /> and <see cref="M:System.Web.SessionState.SessionIDManager.Validate(System.String)" /> methods, see the <see cref="M:System.Web.SessionState.SessionIDManager.CreateSessionID(System.Web.HttpContext)" /> method.</para>
</remarks>
<summary>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>Encodes the session identifier for saving to either a cookie or the URL.</para>
</summary>
<returns>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>The encoded session identifier.</para>
</returns>
<param name="id">
<attribution license="cc4" from="Microsoft" modified="false" />The session identifier to encode. </param>
</Docs>
</Member>
<Member MemberName="GetSessionID">
<MemberSignature Language="C#" Value="public string GetSessionID (System.Web.HttpContext context);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.String</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="context" Type="System.Web.HttpContext" />
</Parameters>
<Docs>
<remarks>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>This method is not intended to be called from application code.</para>
<para>The <see cref="T:System.Web.SessionState.SessionStateModule" /> calls the <see cref="M:System.Web.SessionState.SessionIDManager.GetSessionID(System.Web.HttpContext)" /> method during the <see cref="E:System.Web.HttpApplication.AcquireRequestState" /> event to retrieve the <see cref="P:System.Web.SessionState.HttpSessionState.SessionID" /> from the current <see cref="T:System.Web.HttpRequest" />.</para>
</remarks>
<summary>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>Gets the session-identifier value from the current Web request.</para>
</summary>
<returns>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>The current <see cref="P:System.Web.SessionState.HttpSessionState.SessionID" />.</para>
</returns>
<param name="context">
<attribution license="cc4" from="Microsoft" modified="false" />The current <see cref="T:System.Web.HttpContext" /> object that references server objects used to process HTTP requests (for example, the <see cref="P:System.Web.HttpContext.Request" /> and <see cref="P:System.Web.HttpContext.Response" /> properties).</param>
</Docs>
</Member>
<Member MemberName="Initialize">
<MemberSignature Language="C#" Value="public void Initialize ();" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters />
<Docs>
<remarks>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>The <see cref="M:System.Web.SessionState.SessionIDManager.Initialize" /> method reads the session configuration data from the <format type="text/html"><a href="bda6fb8c-0076-43e3-9ce2-8cf1f8bdaa7d">sessionState</a></format> configuration element of the configuration files.</para>
</remarks>
<summary>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>Initializes the <see cref="T:System.Web.SessionState.SessionIDManager" /> object with information from configuration files.</para>
</summary>
</Docs>
</Member>
<Member MemberName="InitializeRequest">
<MemberSignature Language="C#" Value="public bool InitializeRequest (System.Web.HttpContext context, bool suppressAutoDetectRedirect, out bool supportSessionIDReissue);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Boolean</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="context" Type="System.Web.HttpContext" />
<Parameter Name="suppressAutoDetectRedirect" Type="System.Boolean" />
<Parameter Name="supportSessionIDReissue" Type="System.Boolean&" RefType="out" />
</Parameters>
<Docs>
<param name="context">To be added.</param>
<param name="suppressAutoDetectRedirect">To be added.</param>
<param name="supportSessionIDReissue">To be added.</param>
<summary>To be added.</summary>
<returns>To be added.</returns>
<remarks>To be added.</remarks>
</Docs>
</Member>
<Member MemberName="RemoveSessionID">
<MemberSignature Language="C#" Value="public void RemoveSessionID (System.Web.HttpContext context);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="context" Type="System.Web.HttpContext" />
</Parameters>
<Docs>
<remarks>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>This method is not intended to be called from application code.</para>
<para>The <see cref="T:System.Web.SessionState.SessionStateModule" /> calls the <see cref="M:System.Web.SessionState.SessionIDManager.RemoveSessionID(System.Web.HttpContext)" /> method during the <see cref="E:System.Web.HttpApplication.ReleaseRequestState" /> event to remove the session identifier from the <see cref="P:System.Web.HttpResponse.Cookies" /> collection of the <see cref="T:System.Web.HttpResponse" /> if a new session was created but was not used.</para>
</remarks>
<summary>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>Deletes the session-identifier cookie from the HTTP response.</para>
</summary>
<param name="context">
<attribution license="cc4" from="Microsoft" modified="false" />The current <see cref="T:System.Web.HttpContext" /> object that references server objects used to process HTTP requests (for example, the <see cref="P:System.Web.HttpContext.Request" /> and <see cref="P:System.Web.HttpContext.Response" /> properties).</param>
</Docs>
</Member>
<Member MemberName="SaveSessionID">
<MemberSignature Language="C#" Value="public void SaveSessionID (System.Web.HttpContext context, string id, out bool redirected, out bool cookieAdded);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Void</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="context" Type="System.Web.HttpContext" />
<Parameter Name="id" Type="System.String" />
<Parameter Name="redirected" Type="System.Boolean&" RefType="out" />
<Parameter Name="cookieAdded" Type="System.Boolean&" RefType="out" />
</Parameters>
<Docs>
<param name="context">To be added.</param>
<param name="id">To be added.</param>
<param name="redirected">To be added.</param>
<param name="cookieAdded">To be added.</param>
<summary>To be added.</summary>
<remarks>To be added.</remarks>
</Docs>
</Member>
<Member MemberName="SessionIDMaxLength">
<MemberSignature Language="C#" Value="public static int SessionIDMaxLength { get; }" />
<MemberType>Property</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Int32</ReturnType>
</ReturnValue>
<Docs>
<value>To be added.</value>
<remarks>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>The maximum length of a session identifier is 80 characters.</para>
<para>While session identifiers created by the <see cref="M:System.Web.SessionState.SessionIDManager.CreateSessionID(System.Web.HttpContext)" /> method are 24 characters long, the maximum length of a session identifier allowed by the <see cref="T:System.Web.SessionState.SessionIDManager" /> class is 80 characters. This is especially important if you implement a custom <see cref="T:System.Web.SessionState.SessionIDManager" />. The <see cref="M:System.Web.SessionState.SessionIDManager.GetSessionID(System.Web.HttpContext)" /> method, which retrieves session-identifier values from the current <see cref="T:System.Web.HttpRequest" />, ensures that values do not exceed the <see cref="P:System.Web.SessionState.SessionIDManager.SessionIDMaxLength" /> value and that the session identifier is a 24-character string containing only the lowercase characters a to z and the numbers 0 to 5 by calling the <see cref="M:System.Web.SessionState.SessionIDManager.Validate(System.String)" /> method. If you implement a custom <see cref="T:System.Web.SessionState.SessionIDManager" /> class that inherits the <see cref="T:System.Web.SessionState.SessionIDManager" /> class and overrides the <see cref="M:System.Web.SessionState.SessionIDManager.CreateSessionID(System.Web.HttpContext)" /> method but not the <see cref="M:System.Web.SessionState.SessionIDManager.Validate(System.String)" /> method, your custom session-identifier values must meet the constraints above. For an example of overriding the <see cref="T:System.Web.SessionState.SessionIDManager" /> class and implementing these methods, see the example provided for the <see cref="M:System.Web.SessionState.SessionIDManager.CreateSessionID(System.Web.HttpContext)" /> method.</para>
</remarks>
<summary>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>Gets the maximum length of a valid session identifier.</para>
</summary>
</Docs>
</Member>
<Member MemberName="Validate">
<MemberSignature Language="C#" Value="public virtual bool Validate (string id);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Boolean</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="id" Type="System.String" />
</Parameters>
<Docs>
<remarks>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>This method is not intended to be called from application code.</para>
<para>The <see cref="M:System.Web.SessionState.SessionIDManager.Validate(System.String)" /> method verifies that the supplied <paramref name="id" /> is a 24-character string consisting of lowercase characters from a to z and numbers from 0 to 5 and that the maximum length of the session ID does not exceed 80 characters.</para>
<para>The <see cref="M:System.Web.SessionState.SessionIDManager.GetSessionID(System.Web.HttpContext)" /> method calls the <see cref="M:System.Web.SessionState.SessionIDManager.Validate(System.String)" /> method when retrieving a session identifier from an HTTP request, to ensure that the supplied session identifier is properly formatted.</para>
</remarks>
<summary>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>Gets a value indicating whether a session identifier is valid.</para>
</summary>
<returns>
<attribution license="cc4" from="Microsoft" modified="false" />
<para>true if the session identifier is valid; otherwise, false.</para>
</returns>
<param name="id">
<attribution license="cc4" from="Microsoft" modified="false" />The session identifier to validate. </param>
</Docs>
</Member>
</Members>
</Type>
|
