Using server-side state management
Application state in ASP.NET is a global storage mechanism for state data that needs to be accessible to all pages in a given Web application. Application state is optional; it is often not required.
You store application state in an instance of the HttpApplicationState class that is provided through the Page.Application property. This class represents a key–value dictionary, where each value is stored and accessed by its key (or name). You can add to and read from the application state from any page on the server.
Most Web applications need to store user-specific data between individual requests.
Session state can be thought of in a similar way as application state. The big difference is that session state is scoped to the current browser (or user) session and only available to that session (and not the entire application).
You store user-specific session state in the Session object. This is an instance of the HttpSessionState class and represents a key–value dictionary collection. Items are added, updated, and read in a similar manner as working with any .NET dictionary collection.
Eg: place a button and write the following code.
Disabling Session State
Configuring Cookieless Session State
By default, session state uses cookies to track user sessions. This is the best choice for the vast majority of applications. All modern Web browsers support cookies. However, users can turn them off. Therefore, ASP.NET allows you to enable cookieless session state.
Without cookies, ASP.NET tracks sessions using the URL by embedding the session ID in the URL after the application name and before any remaining file or virtual directory identifier.
ASP.NET provides a few different session management modes for your application.
ASP.NET provides two ways to store state on the server and thus share information between Web pages without sending the data to the client. These two methods are referred to as application state and session state. Application state information is global to the application. It is available to all pages regardless of the user requesting the page. Session state is user-specific state that is stored by the server. It is available only to pages accessed by a single user during a visit to your site.
Application State
You store application state in an instance of the HttpApplicationState class that is provided through the Page.Application property. This class represents a key–value dictionary, where each value is stored and accessed by its key (or name). You can add to and read from the application state from any page on the server.
Eg: place a button and write the following code.
Application["a"] = Convert.ToInt32(Application["a"]) + 1;
Response.Write("Application value = "+Application["a"]);
Session State
Most Web applications need to store user-specific data between individual requests.
Session state can be thought of in a similar way as application state. The big difference is that session state is scoped to the current browser (or user) session and only available to that session (and not the entire application).
Reading and Writing Session State Data:
You store user-specific session state in the Session object. This is an instance of the HttpSessionState class and represents a key–value dictionary collection. Items are added, updated, and read in a similar manner as working with any .NET dictionary collection.
Session["a"] = Convert.ToInt32(Session["a"]) + 1;
Response.Write("Session value = "+Session["a"]);
Disabling Session State
If you don’t use session state, you can improve performance by disabling it for the entire application. You do so by setting the sessionState mode property to Off in the Web.config file. The following shows an example:
<configuration>
<system.web>
<sessionState mode="off"/>
</system.web>
</configuration>
You can also disable session state for a single page of an application by setting the EnableSessionState page directive to False. You can also set the EnableSessionState page directive to ReadOnly to provide read-only access to session variables for the given page.
Eg:
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs"
Inherits="_Default" EnableSessionState = "False"%>
Configuring Cookieless Session State
By default, session state uses cookies to track user sessions. This is the best choice for the vast majority of applications. All modern Web browsers support cookies. However, users can turn them off. Therefore, ASP.NET allows you to enable cookieless session state.
You enable cookieless sessions through the Web.config file. Set the cookieless attribute of the sessionState element to true.
<configuration>
<system.web>
<sessionState cookieless="true"
regenerateExpiredSessionId="true" />
</system.web>
</configuration>
Choosing a Session State Mode
ASP.NET provides a few different session management modes for your application.
InProc: Stores session state in memory on the Web server. This is the default mode. It offers much better performance than using the ASP.NET State Service or storing state information in a database server.
StateServer: Stores session state in a service called the ASP.NET State Service. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm.
SQLServer: Stores session state in a SQL Server database. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple servers in a Web farm.
Custom: Enables you to specify a custom session state storage provider. You also need to implement (code) the custom storage provider.
Off: Disables session state. You should disable session state if you are not using it to improve performance.