Problem with unique session variables

[Newton]

Hi,

I got here the following problem. I am programming
web application for examing students.
After student will log on I need to keep his ID,
Privileges, Login, Password for manipulating with other
functions. All these information I will keep by

Session["ID"] = "2"
Session["Privileges"] = "Student"

and so on...
But my problem is, when later will log on teacher in
Session["Privileges"] will be "Teacher". It will be
replaced, so student will receive privileges of teacher.
And that is my problem. I heard that it is neccessary to
create unique ID for session.
I am working in ASP.NET with C# and there is
possibility to create this ID with method
Session.SessionID() but I dont know how to use it, how
those session variables can be different...

Is anybody here, who can show me some easy example how
to solve my problem?
Please. Thank you very much...

Newton

[S. Justin Gengo]

Newton,

Session variables are unique by nature.

Unless the teacher and the student log on to the exact same machine (and for
that matter without closing the browser windows) the Session["Privileges"]
variables will be tracked seperately for each user.

You shouldn't have a problem using the Session variable as is.

I hope this is good news! :)

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
[url]www.aboutfortunate.com[/url]

"Out of chaos comes order."
Nietzche
"Newton" <newton.finsko@pobox.sk> wrote in message
news:03c701c3508c$53f56320$a301280a@phx.gbl...

> Hi,
>
> I got here the following problem. I am programming
> web application for examing students.
> After student will log on I need to keep his ID,
> Privileges, Login, Password for manipulating with other
> functions. All these information I will keep by
>
> Session["ID"] = "2"
> Session["Privileges"] = "Student"
>
> and so on...
> But my problem is, when later will log on teacher in
> Session["Privileges"] will be "Teacher". It will be
> replaced, so student will receive privileges of teacher.
> And that is my problem. I heard that it is neccessary to
> create unique ID for session.
> I am working in ASP.NET with C# and there is
> possibility to create this ID with method
> Session.SessionID() but I dont know how to use it, how
> those session variables can be different...
>
> Is anybody here, who can show me some easy example how
> to solve my problem?
> Please. Thank you very much...
>
> Newton
>

[Bill Richardson]

>-----Original Message-----
>Hi,
>
> I got here the following problem. I am programming
>web application for examing students.
> After student will log on I need to keep his ID,
>Privileges, Login, Password for manipulating with other
>functions. All these information I will keep by
>
> Session["ID"] = "2"
> Session["Privileges"] = "Student"
>
>and so on...
> But my problem is, when later will log on teacher in
>Session["Privileges"] will be "Teacher". It will be
>replaced, so student will receive privileges of teacher.
>And that is my problem. I heard that it is neccessary to
>create unique ID for session.
> I am working in ASP.NET with C# and there is
>possibility to create this ID with method
>Session.SessionID() but I dont know how to use it, how
>those session variables can be different...
>
> Is anybody here, who can show me some easy example how
>to solve my problem?
>Please. Thank you very much...
>
> Newton
>
>.
>

..Net will create the unique ID automatically.

In machine.config, set the

<sessionState mode=

setting to "InProc" (unless you have a web farm, then
you'll need to use a StateServer or SQLServer to maintain
session state). Also set the appropriate session timeout
(in minutes) in the same line. This will timeout the
session within the set number of minutes of INACTIVITY.

Then provide the user with a way to logout, which should
call Session.Abandon to log out of the current session.

Finally, at the top of each page, check Session
["Privileges"], and if not set, redirect to the login page.

That should allow you timeout users, and allow them to log
themselves out.

Bill Richardson
Proflowers.com

[Newton]

Hi,
believe me... they are not unique by nature... I started
internet explorer with my application and logged on as a
student, clicked the button and this application shown me
that student has logged on. Then i opened another
explorer and logged on as a teacher, clicked the button
and application shown me that teacher has logged on. Then
I returned to that explorer where student has logged on,
clicked the button and it shown me, that teacher has
logged on, so the session variable was overwritten.

Believe me... theyu are not unique by nature...

>-----Original Message-----
>Newton,
>
>Session variables are unique by nature.
>
>Unless the teacher and the student log on to the exact

same machine (and for

>that matter without closing the browser windows) the

Session["Privileges"]

>variables will be tracked seperately for each user.
>
>You shouldn't have a problem using the Session variable

as is.

>
>I hope this is good news! :)
>
>--
>S. Justin Gengo, MCP
>Web Developer
>
>Free code library at:
>[url]www.aboutfortunate.com[/url]
>
>"Out of chaos comes order."
> Nietzche

[S. Justin Gengo]

Newton,

Was this on the same machine? Sessions are unique to the machine not to each
browser window...

If this was on the same machine then you are getting the behaviour this was
designed to produce.

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
[url]www.aboutfortunate.com[/url]

"Out of chaos comes order."
Nietzche
"Newton" <newton.finsko@pobox.sk> wrote in message
news:082401c350ef$17ff29b0$a601280a@phx.gbl...

> Hi,
> believe me... they are not unique by nature... I started
> internet explorer with my application and logged on as a
> student, clicked the button and this application shown me
> that student has logged on. Then i opened another
> explorer and logged on as a teacher, clicked the button
> and application shown me that teacher has logged on. Then
> I returned to that explorer where student has logged on,
> clicked the button and it shown me, that teacher has
> logged on, so the session variable was overwritten.
>
> Believe me... theyu are not unique by nature...
>

> >-----Original Message-----
> >Newton,
> >
> >Session variables are unique by nature.
> >
> >Unless the teacher and the student log on to the exact

> same machine (and for

> >that matter without closing the browser windows) the

> Session["Privileges"]

> >variables will be tracked seperately for each user.
> >
> >You shouldn't have a problem using the Session variable

> as is.

> >
> >I hope this is good news! :)
> >
> >--
> >S. Justin Gengo, MCP
> >Web Developer
> >
> >Free code library at:
> >[url]www.aboutfortunate.com[/url]
> >
> >"Out of chaos comes order."
> > Nietzche

>