Using Sessions: - It is used to maintain the user information across the web form present within the website by storing the data at the server side.
Enhancements for Sessions:-
- ASP.NET supports cookie-based sessions and cookie-less sessions.[mainly all tech. supports only cookie-based sessions]
- ASP.NET supports to enable or disable the sessions as per the requirement.
- ASP.NET can maintain the session data as an In-process data i.e. within the webserver and also has an capability to maintain the data as an Out-process data i.e. within the StateServer or SqlServer database.[mainly all other tech. maintain within webserver only]
Process Dependent Sessions[In-Process session(default)] :-
a)To set the Session[Cookie-based]: -
Session variable can be set :
Session[“key”] = value;
Or
Session object can be used to access session memory from asp.net webpage :
Methods:
Add(var, value) :
Session.Add(“key”,value);
Remove(var) : it will remove var from session memory
Abandon() : it will close session explicitly before timeout
Session.Abandon();
Property :
Timeout : this provides timeout of session, this can be used to change timeout programmatically.
Session Tracking or say Use of Session ID: -
Session will always identifies their client by providing an id for the client wihich is called as Session ID, this Session Id will be 120 bit number in the hexa decimal format. Webserver can generate 2^120 unique session ids . This Session ID is given as a Cookie object to the client or to the browser , when browser performs further communication with website it will submit sessionid to webserver, based on session id webserver will identify session belonging to client.
To retrieve Session Id:- Session.SessionId;
Notes:-
1. Normal variable memory will be erased after page processing an d it will not be accessible in other webpages
2. Session variable will be maintained after page processing, this will be accessible to different requests of client in different webpages..
3. Session will always consider its value as an object.
To read as string : var = Session[“variable”].tostring();
To read as object : objname = (objtype)Sessuib[“variable”];
4. The default expiration period for the sessioin is 20mins.
5. Session will always store the information within the webserver .
6. If a String is assigned as a value to the session then the data is maintained within the content collections.
7. If an object is maintained as a value to the session the information is maintained within the static object collection.
Limitations of Sessions [Cookie-based]:-
Web browsers are having capability to block the cookies and if the browser has blocked the cookies then the website which uses cookie-based Sessions will not function properly.
Solution:-
b)Cookie-Less Sessions: - if used then session id of the client will be passed to all the requested URLs by the client by appending the session id within the URL.
Advantages:
Websites will function effectively irrespective the cookies are enabled or disabled within the browser.
Performance will be faster than the cookie-based sessions.
To set the sessions [Cookie-less]:-
<System.Web>
<SessionState mode=”InProc” Cookieless=”true”/>
Other Options for cookieless
- usecookies[default]: sessionid will be given in the form of cookie.
- useuri: sessionid will be given in the form of querystring appending to url
- usedeviceprofile: sessionid will be given based on requested device.
Pocketpc --------<-------------- webserver
Appended to url | |
| cookie
PC(browser)
autodetect: it is similar to usedeviceprofile, it will verify cookies disabled or enabled with browser to provide session id.
true: useuri
false: usecookies
Enabling and Disabling Session or Optimization of Session:
By default sessions are always enabled within the web form.
To disable at page level: go to page directive
<%@ Page Language=”c#” EnableSessionState=”true/false/readonly” %>
true: session tracking,reading & writing supported
false: no session tracking
readonly: session tracking, only reading supported.
To disable at website level: go to web.config
<System.Web>
<SessionState mode=”off”….>
Process Dependent Sessions:
Browser webserver
| |
App[using sessions] asp.net worker process
| |
ok ----------- AppDomain
|------------[sessions]
The session within appdomain under worker process is called “Process Dependent Session” or “In-Process Session [default]”.
