Is there any good reason why the authentication cookie and the session state cookie are two separate cookies?

Question

Is there any good reason why ASP.NET\'s session state cookie and the Forms Authentication cookie are two separate cookies? What if I want to \"tie\" them to each other? Is it po

Answer 1

Session != Authentication

The session state cookie tracks the user's activity during a browser session.

The forms authentication cookie tracks the user's authenticated activity during a given time period, specified by the expiration date of the ticket and whether or not you have created a persistent cookie (e.g "Remember Me" checkbox).

You shouldn't be touching the session cookie itself, and all it contains is an identifier to tie the client session (browser) to the server.

If you need to access the session, use HttpContext.Current.Session.

What exactly are you trying to "tie" together?

What does SomeStaticClass.WasSessionStateLost do?