ASP.NET State Management

2011-08-10


HTTP protocol is a stateless protocol. So ASP.NET need to manage the state. ASP.NET comes with built-in supports for state management both at the server and client side.

Server Side State Management

State information can be managed using Application, Session or Cache objects;

Application Object:

Application object can store the information for all users who are using the application.

Example:

private static readonly Object lockObj = new Object();

protect void Page_Load(object sender, EventArgs e) 
{ 
    … 
    lock(lockObj) 
    { 
       Application["GlobalString"] = "This is Globlal String"; 
    } 
    … 
}

Session Object:

Session activate during the connectivity between a client and a server application. Session object is used to store user-specific data;

You can use cookies or cookieless session.

SessionID is stored inside cookies if you use cookies for session, otherwise, SessionID is embedded in the URL itself.

<configuration> 
  <system.web> 
    <sessionState cookieless="false" /> 
  </system.web> 
</configuration>

Session State Storage Modes:

There are 3 storage modes: InProc, State Server and SQL Server storage modes (we call State Server and SQL Server mode are OutProc mode also).

InProc:

Session Data is stored in ASP.NET worker process, it is the fastest mode. but if data is large, the performace will be affected a lot.

State Server:

Using a stand-alone Microsoft Windows service (independent of IIS). the session state is serialized and stored in memory in a separate process managed by aspnet_state.exe file.
State Server can be on a different system.

If you want to use state server, you should set in web.config file.

Using SQL Server

Session data is serialized and stored in a database table in SQL Server DB.
To use SQL Server mode, execute the InstallSQLState.sql file, the file located at System drive\Windows Directory\Microsoft.NET\Framework\Version,

How to choose:

If site runs on a single server, better choose the InProce mode; if web farms are using, the OutProc mode is better;

Session config:

<configuration> 
  <sessionState mode="Inproc" cookieless = "false" timeout="20" /> 
</configuration>

Enable / Disable Session State:

For a page:  In Page directive

<%@ Page EnableSessionState="False" %>

For an Application:

<configuration> 
<system.web> 
<pages enableSessionState="false" /> 
</system.web> 
</configuration>

Cache Object:

Storing frequently used but relatively stale data in main memory using cache object;

Client Side State Management

There are 4 kinds of Client State Management: ViewState, Hidden Fields, Query Strings, Cookies;

ViewState: ViewStaet is used to maintain the state of an ASP.NET paeg as it moves back and forth. ViewState does not hold the page’s control; rather, it holds the control IDs and their corresponding values that would otherwise have been lost due to a postback to the web server. So, ViewState represents the state of a page when it was last processed on the web server.

(above content is a note of reading book: ASP.NET 4.0 Programming by Joydip Kanjilal)