I did some testing after I posted this message. I set my IE settings
for cookies to Always Prompt (even session cookies) to see what was
going on. I disabled sessions in IIS completely and then launched an
ASP.NET application that uses sessions. It saved a cookie with ASP_NET
in the name (or was it ASPNET - I don't remember exactly), but it was
NOT IIS's session cookie name. Also, the ASP.NET application's
sessions continued to work fine. This all came up because we noticed
that upping IIS's session timeout had no effect on the ASP.NET
application - but upping it in the web.config did work.

Of course, when I turned IIS sessions back on, I didn't get any new
cookies that were the usual IIS/ASP cookie, and I have no explanation
for that.

In any case, the conclusion I draw is that ASP.NET's session
management is completely independent of IIS altogether - it sets its
own cookies, uses its own storage mechanisms, etc. (I've read that you
can restart IIS and not lose ASP.NET session data, but I haven't tried

I'd like to find this confirmed somewhere, though.


"Ken Cox [Microsoft MVP]" <> wrote in message news:<#n9kaEVXDHA.1832TK2MSFTNGP09.phx.gbl>...
> It seems to me that sessions are part of ASP and ASP.NET and that they just use
> IIS as a vehicle for fetching and sending the memory-based cookie that helps
> implement sessions.
> That said, ASP sessions are isolated from ASP.NET sessions but I've seen some
> references to ways of letting them reach out to each other.
> Ken
> "Luther Miller" <luther.millersoftagondotcom.invalid> wrote in message
> news:Onz9tcTXDHA.1744TK2MSFTNGP12.phx.gbl...
> I couldn't find specific information in the doentation, but some
> experimenting has lead me to believe that one may disbaled Sessions in IIS
> and still be able to maintain default-style sessions in ASP.NET. This leads
> me to believe that ASP.NET's session handling is completely isolated from
> IIS Sessions. Is this true? Are there any doents that discuss this in
> detail?