Session vs Cookie performance for Authentication

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

webdevaccount@gmail.com - 26 Jul 2007 14:01 GMT

Hi,

I am trying to deceive whether I should use Asp.net 2.0's
FormAuthentication (cookie) or the Session object to store the login
ID of a given user.

Question 1: Assuming that the app will only run on a single server
(not a web farm), which option would perform better (in terms of
execution speed)?

Question 2: If I were to use a cookie, how would I be able to get the
number of users that are currently logged in?
(without using a session)

Thank you for your time and advice.

Regards,

Charles.

Reply to this Message

Göran Andersson - 26 Jul 2007 16:38 GMT

> Hi,
>
[quoted text clipped - 5 lines]
> (not a web farm), which option would perform better (in terms of
> execution speed)?

That depends on if you are storing any other session variables or not.

If there are no session variables in the sesion object, the server
doesn't need to keep the session object in memory. It can just recreate
the session object when the user returns. This reduces the memory load
on the server.

If you are using session varaibles anyway, the difference in performance
would be very small.

If you aren't using any other session variables, you would get a
slightly better performance using cookies. It would only really make a
difference if you have a large number of visitors, though.

> Question 2: If I were to use a cookie, how would I be able to get the
> number of users that are currently logged in?
> (without using a session)

You would have to keep track of every user and their last contact with
the server, so that you could remove the users from the count when you
consider them to have timed out.

Signature

Göran Andersson
_____
http://www.guffa.com

Reply to this Message

Session vs Cookie performance for Authentication

Free Magazines