Search - Articles
DevASP.NET for ASP.NET, VB.NET, XML and C# (C-Sharp) Developers Tuesday, March 03, 2009
Dev Articles
Search Directory
SQL Server

Session State in ASP.NET

Author: Nikki Smith

Session state is used to manage user sessions. Let’s see Session State internals in this article.


It is necessary for the developers to handle sessions for the users because of the stateless nature of the HTTP protocol. In ASP.NET, Session state allows you to store and retrieve values for users that visit different pages in the application. Each request to the web page is treaded as separate request by the web server. Every time a request is made to the server by a user, a session object creates the unique ID for that user and saves the session values. When a request from that user is made for a page in the same application and from the same browser, Session State recognizes the user for a limited time period. So the Session State is maintained for the user of the application. Session State technique is said to be more flexible and more efficient way of managing state for users.

Session State uses Key-Value pair to store session variables. You just need to set a value for a session object key and then retrieve that value using Session key. Session object can store values in any ASP.NET type but you must have to cast the value in appropriate type when retrieving session value. A good approach is to check session object first, if it is not empty then retrieve the value.
Store and Retrieve Session Values
A complete example to use session object will come in a future article.
To store data in Session object
Session["Key"] = "Value";
Session("Key") = "Value"
To retrieve a session object value
if (Session["Key"] != null) {
      string Value = Session["Key"].ToString();
If Session("Key") IsNot Nothing Then
      Dim Value As String = CType(Session("Key"), String)
End If
“sessionState” Settings in web.config file
You have to provide settings in web.config file in <sessionState> tag. The <sessionState> tag can be like this.
<sessionState mode ="InProc" cookieless ="true" timeout ="20"/>
ASP.NET provides different modes to store session state data at different storage positions. We can define it in “Mode” attribute. Options available are InProc, SQLServer, StateServer, Custom and Off.
The “In Process” mode is the default and most common storage option for Session State. It stores session variable in-memory on the web server.It is the fastest and simplest mode because it uses memory of web server. It is very useful for relatively small applications.
It stores session data in SQL Server database. Session State will be preserved when stored in database and it will be available for multiple web servers. It is very useful for large applications to store session state in database.
Session data can be stored in a separate process outside ASP.NET which is managed by Windows. It is called StateServer. It also preserves the session state and make available to multiple servers.
You can provide your custom storage by using Custom Mode.
The “Off” mode will disable the Session state.
You have to provide SQL Connection String in “sqlConnectionString” attribute if you selected SQLServer mode.
Location of the StateServer has to be provided by using stateConnectionString.
You can use cookieless session handling by setting cookieless to “true”. Session identifiers are stored in a cookie by default.
You can specify the time period (in minutes) to expire the session for a user and session variables will not be available after this. 
Add Article Comment:
Name :
Email Address :
Comments :
<< State Management in ASP.NET

Disclaimer - Privacy
© 2002-2017