How do you manage session in ASP and ASP.NET ?
- 2 Answers
- 10290 Views
- Cap Gemini, Microsoft, I also Faced
- E-Mail Answers
Answer Posted / priya
One of the challenges to developing a successful Web
application is maintaining user information over the course
of a visit, or session, as the user travels from page to
page in an application. HTTP is a stateless protocol,
meaning that your Web server treats each HTTP request for a
page as an independent request; the server retains no
knowledge of previous requests, even if they occurred only
seconds prior to a current request. This inability to
remember previous requests means that it is this difficult
to write applications, such as an online catalog, where the
application may need to track the catalog items a user has
selected while jumping between the various pages of the
catalog.
ASP provides a unique solution for the problem of managing
session information. Using the ASP Session Object and a
special user ID generated by your server, you can create
clever applications that identify each visiting user and
collect information that your application can then use to
track user preferences or selections.
ASP assigns the user ID by means of an HTTP cookie, which
is a small file stored on the client's computer. So, if you
are creating an application for browsers that do not
support cookies, or if your customers might set their
browsers to refuse cookies, you should not use ASP's
session management features.
A session is defined as the period of time that a unique
user interacts with a Web application. Active Server Pages
(ASP) developers who wish to retain data for unique user
sessions can use an intrinsic feature known as session
state.
Programmatically, session state is nothing more than memory
in the shape of a dictionary or hash table, e.g. key-value
pairs, which can be set and read for the duration of a
user's session. For example, a user selects stocks to track
and the Web application can store these values in the
user's ASP session instance:
Copy
Session("Stocks") = "MSFT; VRSN; GE"
Problems with ASP Session State
ASP developers know session state as a great feature, but
one that is somewhat limited. These limitations include:
Process dependent: ASP session state exists in the process
that hosts ASP; thus the actions that affect the process
also affect session state. When the process is recycled or
fails, session state is lost.
Server farm limitations: As users move from server to
server in a Web server farm, their session state does not
follow them. ASP session state is machine specific. Each
ASP server provides its own session state, and unless the
user returns to the same server, the session state is
inaccessible. While network IP level routing solutions can
solve such problems, by ensuring that client IPs are routed
to the originating server, some ISPs choose to use a proxy
load-balancing solution for their clients. Most infamous of
these is AOL. Solutions such as AOL's prevent network level
routing of requests to servers because the IP addresses for
the requestor cannot be guaranteed to be unique.
Cookie dependent: Clients that don't accept HTTP cookies
can't take advantage of session state. Some clients believe
that cookies compromise security and/or privacy and thus
disable them, which disable session state on the server.
These are several of the problem sets that were taken into
consideration in the design of ASP.NET session state.
ASP.NET Session State
ASP.NET session state solves all of the above problems
associated with classic ASP session state:
Process independent: ASP.NET session state is able to run
in a separate process from the ASP.NET host process. If
session state is in a separate process, the ASP.NET process
can come and go while the session state process remains
available. Of course, you can still use session state in
process similar to classic ASP, too.
Support for server farm configurations: By moving to an out-
of-process model, ASP.NET also solves the server farm
problem. The new out-of-process model allows all servers in
the farm to share a session state process. You can
implement this by changing the ASP.NET configuration to
point to a common server.
Cookie independent: Although solutions to the problem of
cookieless state management do exist for classic ASP,
they're not trivial to implement. ASP.NET, on the other
hand, reduces the complexities of cookieless session state
to a simple configuration setting.
| Is This Answer Correct ? | 3 Yes | 3 No |
Post New Answer View All Answers
Explain client-side scripting?
What is a 401 redirect?
i want the asp.net technical questions and answeres
How does session authentication work?
Which tool you have done?
What is connection pooling and how to enable and disable connection pooling?
What do you mean by serialize and marshalbyref?
Explain the server control events of asp.net ?
We are using Jscriopt validations and at clint site javascript is not running that time validation would work? if yes then how it would behave?
What is __ requestverificationtoken?
Explain how can we access static variable?
What is bson in web api?
How can you dynamically add user controls to a page?
In your ASP.NET 2.0 web application you want to display an image that is selected from a collection of images. What approach will you use to implementing this?
What are the advantages and disadvantages of session?
