Developing ASP.NET MVC Web Applications — Question 46
You are developing an ASP.NET MVC application that uses forms authentication to verify that the user is logged in.
Authentication credentials must be encrypted and secure so no user identity is exposed.
You need to ensure that user credentials are persisted after users log on.
In which two locations can you store the credentials? Each correct answer presents a complete solution.
Answer options
- A. In Session on the server
- B. In a cookie stored in the browser
- C. In ViewData in the application
- D. In TempData on the server
Correct answer: A, B
Explanation
Storing credentials in Session on the server (A) and in a cookie stored in the browser (B) are both valid solutions for persisting user authentication information. ViewData (C) and TempData (D) are not suitable for this purpose because they are designed for temporary data transfer and do not maintain state beyond a single request or session.