Hi,
Cookie is good way to track user. But you can use url string to track user.
In some my application I use the next way
1) User login
2) Validate user and check login/password
3) Create session for user (wwSession) - it return session ID
4) Next URLs will looks like "mypage.wwc?sessionid=12345" (12345 sessionID)
5) Using Request.QueryString("sessionid") you can get this session id and validate session.
6) You can set session variables for session in WWC (Get/SetSessionVar)
7) If you have shopping session you can store XML as shopping cart as session var.

Also.. you can use combination COOKIE+SESSIONID. For example if you send never expired cookie to user (for autologon for example), and sessionID for
current customer (user) session.

Denis.

>I have a very simple login page on my WW application.
>
>They enter their unique ID (no password) and the system sets a cookie with their ID.
>
>Then I use that cookie on every following page to know they are logged in and what is their ID.
>
>Is there a BETTER way to know if they passed login and not worry about they who they?
>
>Naturally I can use Windows authentication, but that is a lot more than my users would want to mess with.
>
>The simple ID is nice, but the cookies are a constant problem.