SessionState & Forms Authentication

[Guest]

In web.config, I can set SessionState mode to "Off" while using Forms
authentication, they have 2 diff mechanisms, is this correct?

 

[Brock Allen]

Yes, they use two different cookies.

-Brock
DevelopMentor
http://staff.develop.com/ballen

 

[Kumar Reddi]

Forms authentication is used for authentication purposes only. Whereas
SessionState is used to share data between multiple pages. Ofcourse session
can be customized to handle authentication also. There is no overhead on
your application by leaving sessionState like that. You can turn off
Sessionstate on each page by setting EnableSessionState to false. If you
want to turn it off on all the pages through out your application, use the
following setting in your web.config

<pages buffer="true" enableSessionState="false" />