What are session management techniques in .NET?

 Posted by SheoNarayan on 4/9/2008 | Category: .NET Framework Interview questions | Views: 50226
Answer:

There are three different techniques of managing session in ASP.NET
InProc
Session state is stored locally in memory of ASP.NET worker process.

StateServer
Session state is stored outside ASP.NET worker process and is managed by Windows service. Location of this service is specified by stateConnectionString attribute.

SQLServer
Session state is stored outside ASP.NET worker process in SQL Server database. Location of this database is represented by sqlConnectionString attribute.

For more details, please visit
http://shailkpatel.blogspot.com/2007/03/session-management-techniques.html895r


Asked In: Many interviews | Alert Moderator 

Comments or Responses

Posted by: Biswarup90 on: 11/23/2011 | Points: 10
Session Management can be achieved in two ways

InProc

Adv.:
1) Faster as session resides in the same process as the application
2) No need to serialize the data

DisAdv.:
1) Will degrade the performance of the application if large chunk of data is stored
2) On restart of IIS all the Session info will be lost


State Server
Adv.:
1) Faster then SQL Server session management
2) Safer then InProc. As IIS restart
won't effect the session data

DisAdv.:
1) Data need to be serialized
2) On restart of ASP.NET State Service session info will be lost
3)Slower as compared to InProc

SQL Server
Adv.:
1) Reliable and Durable
2) IIS and ASP.NET State Service
restart won't effect the session data
3) Good place for storing large chunk of data

DisAdv.:
1) Data need to be serialized
2) Slower as compare to InProc and State Server
3)Need to purchase Licensed
version of SQL Server



Posted by: Biswarup90 on: 11/23/2011 | Points: 10
Example of InProc:
<sessionState mode="InProc" cookieless="false" timeout="10" />

Mode attribute is set to InProc (the default) to indicate that the session state is stored in memory by ASP.NET and that cookies will not be used to pass the session ID. Instead, the session ID is inserted into the query string for a pages URL.
For example:
Using InProc mode, after a session is established, a call to a hypothetical ASP.NET page would look something like the following
http://my.websitename.com/(mfghvgblurtywsityvjq)/dotnetfunda.aspx

Pros and cons of the three session management solutions in brief

InProc - stored in memory on web server

This is the default setting.
Pros: least overhead, fastest performance
Cons: breaks web clusters, restarting IIS loses sessions
StateServer - managed by a remote service (aspnet_state)

HTTP protocol over TCP port.
Pros: reasonably fast, works with clusters
Cons: clear text, no authentication, overflows...
SQLServer - stored in SQL Server DB tables

Uses normal ODBC connection.
Pros: reliable, scalable
Cons: relatively slow, much overhead


Posted by: Nareyugam on: 4/23/2012 | Points: 10
Three types:
1. InProc: Stores locally in Asp.netWorker process
2. SessionState:Stores Outside the worker process through windows services
3. Sqlserver: Stores through Sqlserver Database



Posted by: Vivekjj on: 10/5/2012 | Points: 10
1)InProc
2)OutProc

OutProc is two types
1)State Server
2)SQL Server

Login to post response

More Interview Questions by SheoNarayan