DotNetStories
Session State in ASP.Net
In this post I will talk about ASP.Net State management. I will provide a hands on example with VS and VB.Net.
Before I go on with my example I would like to give a short introduction first.
Web applications are built on Hypertext Transfer Protocol (HTTP). HTTP is a stateless protocol and each request to the server from the client is understood as an independent request.
ASP.NET
provides a powerful way to store a user’s session specific data using
the Session State which is accessible as long as the user’s session is
alive.
At some point we might need to access complex information such as custom objects.Obviously we can’t persist them to cookies.In our application we could have strict security requirements that prevents us from storing information about a client in view state or in a custom cookie. In cases like that, we must use the built-in session state facility.We can store any type of data in memory on the server. The information is protected, because it is never transmitted to the client, and it’s uniquely bound to a specific session. Every client that accesses
the application has a different session and a distinct collection of information. We could store in session state things such as the items in the current user’s shopping basket when the
user browses from one page to another.
One might ask, "What is the mechanism for session tracking?"
ASP.NET uses a unique 120-bit identifier and produces a unique value that evil people can’t reverse-engineer or “hack”, the session ID a given client is using. This is the only piece of session-related information that is transmitted between the web server and the client.
The client presents the session ID, then what happens is that ASP.NET looks up the corresponding session, retrieves the objects stored and places them into a special collection so they can be accessed by our code.
The client must present the appropriate session ID with each request.
We can accomplish this in two ways:
Cookies: In this case, the session ID is transmitted in a special cookie (named
ASP.NET_SessionId), which ASP.NET creates automatically when the session collection is
used.
Using URLs: In this case, the session ID is transmitted in a specially modified URL. This allows you to create applications that use session state with clients
that don’t support cookies.
Session state can slow down our application. It solves many of the problems associated with other forms of state management but places a heavy load on the server in terms of memory.
If we have hundreds or thousands of clients access the site then the performance will be very bad.
The last thing we want is to have an application that cannot scale gracefully.
I will be using VS 2010 Ultimate edition and VB.Net to create a simple asp.net application.
We will use in our next example session state to store several Car objects.
1) Launch Visual Studio 2010/2008/2005.Express edition will suffice.
2) Create a web site with an appropriate name.
3) Add a class file in your site and name it Car.vb. The code should be like this
Public Class Car
Public Name As String
Public Colour As String
Public Cost As Double
Public Sub New(ByVal name As String, _
ByVal colour As String, ByVal cost As Double)
Me.Name = name
Me.Colour = Colour
Me.Cost = cost
End Sub
End Class
4) Add a listbox,2 label controls and a button in the default.aspx page. Name the listbox control as lstItems, the 2 labels as lblSessionInfo and lblCarInfo. Leave the default name for the button control.
5) In the Page_Load event handling routine type
If Me.IsPostBack = False Then
Dim car1 As New Car("BMW", _
"Blue", 32000)
Dim car2 As New Car("VW Polo", _
"Black", 18667)
Dim car3 As New Car("Audi", _
"Red", 30345)
Dim car4 As New Car("Citroen", _
"Gray", 9878)
Session("mycar1") = car1
Session("mycar2") = car2
Session("mycar3") = car3
Session("mycar4") = car4
lstItems.Items.Add(car1.Name)
lstItems.Items.Add(car2.Name)
lstItems.Items.Add(car3.Name)
lstItems.Items.Add(car4.Name)
End If
lblSessionInfo.Text = "Session ID: " & Session.SessionID
lblSessionInfo.Text &= "<br />Number of Objects: "
lblSessionInfo.Text &= Session.Count.ToString()
lblSessionInfo.Text &= "<br />Mode: " & Session.Mode.ToString()
lblSessionInfo.Text &= "<br />Is Cookieless: "
lblSessionInfo.Text &= Session.IsCookieless.ToString()
lblSessionInfo.Text &= "<br />Is New: "
lblSessionInfo.Text &= Session.IsNewSession.ToString()
lblSessionInfo.Text &= "<br />Timeout (minutes): "
lblSessionInfo.Text &= Session.Timeout.ToString()
The Car objects are created the first time when the page is loaded, and they’re stored in
session state. The user can then choose from a list of car names. When a selection
is made, the corresponding object will be retrieved, and its information will be displayed.The code is very simple.
6) Double click on the button and in the event handling routine type
If lstItems.SelectedIndex = -1 Then
lblCarInfo.Text = "No item selected."
Else
Dim Key As String
Key = "mycar" & _
(lstItems.SelectedIndex + 1).ToString()
Dim TheCar As Car = CType(Session(Key), Car)
lblCarInfo.Text = "Name: " & TheCar.Name
lblCarInfo.Text &= "<br />Color: "
lblCarInfo.Text &= TheCar.Colour
lblCarInfo.Text &= "<br />Cost: " & TheCar.Cost.ToString("c")
We retrieve the current Car object from Session like this
Dim TheCar As Car = CType(Session(Key), Car)
7) Run your application and see the names of the Car objects stored in the Session listed in the ListBox control. You will also see when the page loads useful information about the Session.
Select one car name and hit the button. You will see whole information about the specific car object stored in the session state.
Email me if you want the source code.
Hope it helps!!!