In this article I'll try to cover the different techniques session state management in ASP.Net applications. With this we are going to be able to determine the best approach for our solution when we manage the session states in ASP.Net applications.
These are the session state management options in Asp.net
- Query String
Fot Off|StateServer|InProc|SQLServer, we will need to specify the session state tag in the web.config. This is a template code:
<sessionState mode="Off|StateServer|InProc|SQLServer" cookieless="true|false" timeout="number of minutes" stateConnectionString="tcpip=server:port" sqlConnectionString="sql connection string" stateNetworkTimeout="number of seconds"/>
Off mode, which disables session state.
StateServer Session State mode
StateServer Session State mode, which stores session state in a separate process called the ASP.NET state service. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm. StateServer session runs as a Windows service and would help to minimize database traffic.
<configuration> <system.web> <sessionState mode="StateServer" stateConnectionString="tcpip=SampleStateServer:42424" cookieless="false" timeout="20"/> </system.web> </configuration>
InProc Session State
InProc Session State, this mode stores session state with the ASP.NET worker process (in memory on the Web server). It is not valid in a web farm configuration.
<configuration> <system.web> <sessionState mode="InProc" cookieless="true" timeout="20"/> </sessionState> </system.web> </configuration>
SqlServer Session State
SqlServer Session State. stores session state in a SQL Server database. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm. Although, It does support a web farm configuration, you should not use this if you want to minimize database traffic.
<configuration> <system.web> <sessionState mode="SQLServer" sqlConnectionString="Integrated Security=SSPI;data source=SampleSqlServer;" /> </system.web> </configuration>
Cookie State mode
Cookie State mode. Cookies are stored on the client, so the application would not be able to keep the state if they switched to a different device or a different browser. Also the user needs to have the cookies enabled in their browser
Query String It can be used for passing limited state information across request boundaries, this solution would not be able to keep the state if they switched to a different device. This solution will work even if the user have disabled the cookies in the browser.
Custom mode, which enables you to specify a custom storage provider.
<configuration> <connectionStrings> <add name="OdbcSessionServices" connectionString="DSN=SessionState;" /> </connectionStrings> <system.web> <sessionState mode="Custom" customProvider="OdbcSessionProvider"> <providers> <add name="OdbcSessionProvider" type="Samples.AspNet.Session.OdbcSessionStateStore" connectionStringName="OdbcSessionServices" writeExceptionsToEventLog="false" /> </providers> </sessionState> </system.web> </configuration>
These are the options we have in Asp.net to manage the session state in an application. Hope this was helpful.