SessionIDManager::Validate Method
Gets a value indicating whether a session identifier is valid.
Assembly: System.Web (in System.Web.dll)
Parameters
- id
- Type: System::String
The session identifier to validate.
Implements
ISessionIDManager::Validate(String)This method is not intended to be called from application code.
The Validate method verifies that the supplied id is a 24-character string consisting of lowercase characters from a to z and numbers from 0 to 5 and that the maximum length of the session ID does not exceed 80 characters.
The GetSessionID method calls the Validate method when retrieving a session identifier from an HTTP request, to ensure that the supplied session identifier is properly formatted.
Notes to Inheritors:You can supply a custom session identifier to be used by ASP.NET session state by creating a class that inherits the SessionIDManager class and overriding the CreateSessionID and Validate methods with your own custom implementation. Even when you create a custom session identifier, the session ID is limited to 80 characters by the SessionIDManager class.
The following code example shows a class that inherits the SessionIDManager class and overrides the CreateSessionID and Validate methods with methods that supply and validate a Guid as the SessionID.
To use the custom class demonstrated in this example, replace the SessionID HTTP module in your Web.config file with your custom class, as shown in the following example.
<httpModules>
<remove name="SessionID" />
<add name="SessionID"
type="Samples.AspNet.Session.GuidSessionIDManager" />
</httpModules>
Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98
The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.