ASP.NET session state supports several different storage options for session data. Each option is identified by value in the
SessionStateMode enum. ASP.NET Session has the type HttpSessionStateBase type. Session has 2 methods, Session.Clear() and Session.Abandon(). See the difference.
InProc (default)
Store session state in web server memory.
StateServer
- Store session state in a separate process called ASP.NET state service.
- This ensures session state is preserved if the web app is restarted.
- Makes session state available to multiple web servers in a server farm.
- If using stateServer the objects stored in the session should be serializable.
- If using in a server farm you must have same machine key in all machines.
SQL Server
- Store in SQL Server DB. Same as state server, ensures preservation of data when web app restarted and on web farms.
- Objects should be serializable
- You must first install ASP.NET session state database in SQL Server
- You can use fail over cluster
Custom
Enables you to specify custom storage provider.
See how to implement session state store provider. There's one for Redis.
Off
Disable session state
__________________________________________________________________
HttpSessionState
- Provides access to session-state values as well as session-level settings and lifetime management methods.
- Enables you to store information associated with a unique browser session across multiple requests
- Can access these through Session property of the current HttpContext, or Session property of the Page
- Session data is associated with a specific browser using a unique identifier. By default, this identifier is stored in non-expiring cookie in the browser.
- You can also use Timeout property set a timeout
- When a new session begins session Start event is raised
- When session times out, the Abandon method is called.
- When ASP.NET application shut down the session End event is raised. (The End event is raised only when the session state mode is set to InProc)
- Session state does not persist across application boundaries
- Session values are stored in the memory of the web server.
Session object in ASP.NET
http://stackoverflow.com/questions/2874078/asp-net-session-sessionid-changes-between-requests
http://stackoverflow.com/questions/tagged/sessionid
http://stackoverflow.com/questions/940742/difference-between-session-and-httpcontext-current-session
In ASP.NET For session state management we have,
- View State
- Control state
- Hidden fields
- Cookies
- Query Strings