Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
SessionIDMaxLength Property
Collapse the table of content
Expand the table of content

SessionIDManager.SessionIDMaxLength Property

Gets the maximum length of a valid session identifier.

Namespace:  System.Web.SessionState
Assembly:  System.Web (in System.Web.dll)

static member SessionIDMaxLength : int with get

Property Value

Type: System.Int32
The maximum length of a valid session identifier.

The maximum length of a session identifier is 80 characters.

While session identifiers created by the CreateSessionID method are 24 characters long, the maximum length of a session identifier allowed by the SessionIDManager class is 80 characters. This is especially important if you implement a custom SessionIDManager. The GetSessionID method, which retrieves session-identifier values from the current HttpRequest, ensures that values do not exceed the SessionIDMaxLength value and that the session identifier is a 24-character string containing only the lowercase characters a to z and the numbers 0 to 5 by calling the Validate method. If you implement a custom SessionIDManager class that inherits the SessionIDManager class and overrides the CreateSessionID method but not the Validate method, your custom session-identifier values must meet the constraints above. For an example of overriding the SessionIDManager class and implementing these methods, see the example provided for the CreateSessionID method.

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0, 2.0
Show:
© 2015 Microsoft