Article ID: 307598 - Last Review: May 16, 2007 - Revision: 4.7

INFO: ASP.NET State Management Overview

View products that this article applies to.
This article was previously published under Q307598

On This Page

Expand all | Collapse all

SUMMARY

This article provides an introduction to the ASP.NET state management features.

For additional ASP.NET overviews, refer to the following Microsoft Knowledge Base article:
305140  (http://support.microsoft.com/kb/305140/ ) INFO: ASP.NET Roadmap
Back to the top

MORE INFORMATION

HTTP is a stateless protocol. Each request is serviced as it comes; after the request is processed, all of the data is discarded. No state is maintained across requests even from the same client.

However, it is very useful to maintain state across requests for certain solutions. ASP.NET enables you to maintain both application state and session state through use of application and session variables respectively.

This article addresses the following state management topics:
Back to the top

Application State

Application state variables are, in effect, global variables for each ASP.NET application. You can share values of these variables throughout that application. These variables are usually set in the Application_OnStart event and then accessed and modified in individual ASP.NET pages.

The lifetime of application variables spans through the lifetime of the ASP.NET application until the application is unloaded.

For more information about application state, refer to the following topic in the .NET Framework Software Development Kit (SDK) documentation:
Application State
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconapplicationstate.asp (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconapplicationstate.asp)
Back to the top

Session State

You can store values that need to be persisted for the duration of a user's session in session variables. These variables are unique to each user session and can be accessed in any ASP.NET page within an application. You can set and access session information from within an ASP.NET application. For example:

Microsoft Visual Basic .NET
'Assign a value to the myvariable session variable.
Session("myvariable") = "somevalue"

'Retrieve the value of the myvariable session variable.
If not(Session("myvariable")is nothing) Then
  Dim myString As String = Session("myvariable").ToString()
End If
Microsoft Visual C# .NET
//Assign a value to the myvariable session variable.
Session["myvariable"] = "somevalue";

//Retrieve the value of the myvariable session variable.
string myString;
if (Session["myvariable"] != null)
  myString = (string)Session["myvariable"];
It is important to remember that session variables are now objects. Thus, to avoid a run-time error, you should check whether the variable is set before you try to access it.

Session variables are automatically discarded after they are not used for the time-out setting that is specified in the Web.config file. On each request, the time out is reset. The variables are lost when the session is explicitly abandoned in the code.

When a session is initiated on first request, the server issues a unique session ID to the user. To persist the session ID, store it in an in-memory cookie (which is the default), or embed it within the request URL after the application name. To switch between cookie and cookieless session state, set the value of the cookieless parameter in the Web.config file to true or false.

In cookieless mode, the server automatically inserts the session ID in the relative URLs only. An absolute URL is not modified, even if it points to the same ASP.NET application, which can cause the loss of session variables.

ASP.NET supports three modes of session state:
  • InProc: In-Proc mode stores values in the memory of the ASP.NET worker process. Thus, this mode offers the fastest access to these values. However, when the ASP.NET worker process recycles, the state data is lost.
  • StateServer: Alternately, StateServer mode uses a stand-alone Microsoft Windows service to store session variables. Because this service is independent of Microsoft Internet Information Server (IIS), it can run on a separate server. You can use this mode for a load-balancing solution because multiple Web servers can share session variables. Although session variables are not lost if you restart IIS, performance is impacted when you cross process boundaries.
  • SqlServer: If you are greatly concerned about the persistence of session information, you can use SqlServer mode to leverage Microsoft SQL Server to ensure the highest level of reliability. SqlServer mode is similar to out-of-process mode, except that the session data is maintained in a SQL Server. SqlServer mode also enables you to utilize a state store that is located out of the IIS process and that can be located on the local computer or a remote server.
Note You can use all three modes with in-memory cookie or cookieless session ID persistence.

For more information about session state, refer to the following topic in the .NET Framework SDK documentation:
Session State
http://msdn2.microsoft.com/en-us/library/87069683(vs.71).aspx (http://msdn2.microsoft.com/en-us/library/87069683(vs.71).aspx)
Back to the top

Configuring Session State

You can configure session state in the <sessionState> configuration section of the Web.config file. The <sessionState> configuration section appears similar to the following: 
<sessionState mode="InProc" 
  stateConnectionString="tcpip=127.0.0.1:42424" 
  sqlConnectionString="data source=127.0.0.1;user id=<username>;password=<strong password>" 
  cookieless="false" 
  timeout="20" />
For more information about the <sessionState> configuration section, refer to the following topic in the .NET Framework SDK documentation:
<sessionState> Section
http://msdn2.microsoft.com/en-us/library/h6bb9cz9(vs.71).aspx (http://msdn2.microsoft.com/en-us/library/h6bb9cz9(vs.71).aspx)
For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
317604  (http://support.microsoft.com/kb/317604/ ) HOW TO: Configure SQL Server to Store ASP.NET Session State
Back to the top

REFERENCES

For more general information about ASP.NET, refer to the following MSDN newsgroup:
microsoft.public.dotnet.framework.aspnet (http://msdn.microsoft.com/newsgroups/default.aspx?query=microsoft.public.dotnet.framework.aspnet&dg=&cat=en-us-msdn&lang=en&cr=US&pt=&catlist=774F24A2-F71F-425F-AC2B-DC48AB0DA5C9&dglist=&ptlist=&exp=&sloc=en-us)
Back to the top
APPLIES TO
  • Microsoft ASP.NET 1.1
  • Microsoft ASP.NET 1.0
Back to the top
Keywords: 
kbarttyperoadmap kbcookie kbinfo kbstate KB307598
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations