Hi all,
In my customer project the customer has a special security component that provides a so called "cookie stealing" feature. This security component is places between ASP.Net application and the webclient and doesn't send client cookies from the asp.net application to the browser. Instead, this security componet buffers the cookies.
My questions:
-Is it possible to use the infragistic controls without any cookies at all?
-What about the session cookie of ASP.Net: If this cookie isn't sent to the browser, do the infragistic controls work at all? Or is this a problem?
-Maybe it is possible for my customer, that the security component sends all cookies to the client but the session cookie (because of cookie stealing concerns)
Thank you very much for your answers
To my knowledge, our controls do not directly ake use of cookies. Thus, unless your application specifically uses cookies, our controls should work even with cookies disabled.
I'm unfamiliar with any process that would disable the session cookie that ASP.NET uses. I suspect that preventing this cookie from being received this would interfere with any controls or processes that make use of session state, since the server would be unable to determine that two requests from the same browser instance would be part of the same session. This would affect WebChart if session-based deployment is used (as opposed to file-based deployment), at the very least. Most other controls should be unaffected, though it would take time and research to confirm this.
There's information in this MSDN article (specifically under the heading "Cookies and Session State") that may be helpful. In particular, it mentions "cookieless sessions" as an alternative approach, along with the drawbacks of that approach.