SessionIDManager.SessionIDMaxLength Property

 

Gets the maximum length of a valid session identifier.

Namespace:   System.Web.SessionState
Assembly:  System.Web (in System.Web.dll)

static member SessionIDMaxLength : int with get

Property Value

Type: System.Int32

The maximum length of a valid session identifier.

The maximum length of a session identifier is 80 characters.

While session identifiers created by the CreateSessionID method are 24 characters long, the maximum length of a session identifier allowed by the SessionIDManager class is 80 characters. This is especially important if you implement a custom SessionIDManager. The GetSessionID method, which retrieves session-identifier values from the current HttpRequest, ensures that values do not exceed the SessionIDMaxLength value and that the session identifier is a 24-character string containing only the lowercase characters a to z and the numbers 0 to 5 by calling the Validate method. If you implement a custom SessionIDManager class that inherits the SessionIDManager class and overrides the CreateSessionID method but not the Validate method, your custom session-identifier values must meet the constraints above. For an example of overriding the SessionIDManager class and implementing these methods, see the example provided for the CreateSessionID method.

.NET Framework
Available since 2.0
Return to top
Show: