For security reasons, I want to change session_id after login. In php, there's a function session_regenerate_id(); which can change sessionid without losing current session information.
Is there a similar function in .NET ?
Asked
Active
Viewed 480 times
0
ineztia
- 815
- 1
- 13
- 29
-
1A good idea is to change the session ID, however you should also use Forms Authentication Tickets rather than session for authentication (if not already ;)) [See here](http://stackoverflow.com/a/18077422/413180). – SilverlightFox Jul 04 '16 at 08:56
1 Answers
1
ASP.NET does not directly support functionality to regenerate a session ID. See the documentation regarding the issue. There is a not-so quick and dirty way to do it by setting the ASPNET_SessionID value to the empty string and redirecting so that the value is regenerated.
Mohamed Sheik M
- 112
- 10