Create Custom Session ID Manager


In ASP.Net, the SessionIDManager class is used to generate and validate the Session ID. By default, it is saved in a cookie with the name ASP.NET_SessionId.

Get session ID by HttpContext class like below.


This session id is randomly generated and encoded with 24 characters containing lowercase a to z and numbers 0 to 5.

Suppose there is a scenario for customizing the session ID  and its validation. In that case, the developer can inherit the SessionIDManager class to a custom class and provide implementation to generate and validate the session ID.

We will do the same in the below code

using System;
using System.Configuration;
using System.Web.Configuration;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace SampleProject.Custom
    public class CustomSessionIDManager : SessionIDManager
        public override string CreateSessionID(HttpContext context)
            string sessionId = Guid.NewGuid().ToString();
            return sessionId;

        public override bool Validate(string id)
            bool isValidId = id == HttpContext.Current.Session.SessionID;
            return isValidId;

And need to mention in web.config --> SessionState

<sessionState sessionIDManagerType="SampleProject.Custom.CustomSessionIDManager"></sessionState>

Now whenever an application creates a session, it will refer to CustomSessionIDManager.


In this article, we understood a bit about SessionIDManager and how to customize it. I hope it helps.

Similar Articles