.netCoders Contact Us
Search:
70-3X5 : Web Apps
Certification Home
Exam Overview
Exam Resources

User Services
ASP.NET pages
Adding Controls
Navigation
Validation
Error Handling
Displaying Data
Invoking services
Accessibility
Intrinsic Objects

Components & Assemblies
Assemblies
Web Controls

Consuming Data
Queries
Data Error Handling

Testing & Debugging
Unit Test Plans
Tracing
Debugging

Deployment
Planning
Setup Programs
Deploying
The GAC

Maintainance
Optimization
Diagnostics

Configuration & Security
Configuration
Security
Authorization
Caching
Session State
Server Services

Session State

Session state management in ASP.NET has been improved to better support web farms. Like ASP, session state can be stored in the server's memory for optimum performance. In addition, session state can be stored in memory on a separate server, or in a SQL Server database. Session state can also be configured to pass the session identifier in the URL, and not using cookies. These settings can be configured in the web.config file without any changes to your codebase.

Configuring in Web.config

When you create a new web application, the template web.config file contains an entry for session state. By default, session state is stored InProc. Here is the sessionState tag from the default web.config file in a new VS.NET project:
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests belong to a particular session.
If cookies are not available, a session can be tracked by adding a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source= 127.0.0.1;userid=sa;password="
cookieless="false"
timeout="20" />
There are 4 values for the mode attribute:

Off Session state is not enabled.
Inproc Session state is stored in the local server's memory.
StateServer Session state is stored on a remote server.
SQLServer Session state is stored in SQL Server.

The InProc value is the familiar ASP version of state management. StateServer allows you to indicate a specific machine to act as a state server. This server runs a special service, the ASP.NET State Service, that listens on a TCP port (default is 42424). To change the default port, modify the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspnet_state\Parameters\Port

You can configure web farm servers to point to a single state management server. If one of the web servers goes down, another server will be able to field subsequent requests and sessions will not be lost.

Another option is to store session data in SQLServer. This has the same web farm benefits as the StateServer option, but adds the ACID (Atomicity, Consistency, Isolation, Durability) properties to the session state data. Performance-wise, this is the slowest of the state management options, but it offers the greatest durability for the cases where maintaining session data is critical.

The Session Object

To add and retrieve objects in your ASP.NET pages, you can use the intrinsic Session object (an instance of System.Web.SessionState.HttpSessionState). This object implements an indexer, so you can set and retrieve objects via a key. The following code snippet shows how to add a string value to the session object, retrieve it back, and also loop through all values in the Session:

//Add Specific Variable
Session["firstname"] = "James";

//Retrieve Specific Variable
string strName = Session["firstname"].ToString();

//Loop through all Variables
foreach(string key in Session.Keys)
{
    Response.Write(key + " = " + Session[key]);
}

Additional Resources

  • HttpSessionState class
  • Managing Application State


    • Questions, comments, or suggestions? Contact us at info@dotnetcoders.com
    © 2000-2003 .netCoders. All rights reserved. Terms of Use