Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How the session work in asp.net?

Please any one suggest me how the session is actually work in asp.net? I am confuse in part of session and want to briefly knowledge of it so please guide me

like image 596
coolbudy Avatar asked Sep 04 '11 11:09

coolbudy


People also ask

How session works in ASP NET MVC?

ASP.NET MVC provides three ways (TempData, ViewData and ViewBag) to manage session, apart from that we can use session variable, hidden fields and HTML controls for the same. But like session variable these elements cannot preserve values for all requests; value persistence varies depending the flow of request.

How does a session work?

A session is defined as a series of related browser requests that come from the same client during a certain time period. Session tracking ties together a series of browser requests—think of these requests as pages—that may have some meaning as a whole, such as a shopping cart application.


2 Answers

ASP.NET uses a cookie to track users. When you try to write something to the session for the first time a cookie is sent to the client, something like ASP.NET_SessionId. This cookie is sent by the client on subsequent requests. Thanks to this cookie the server is able to identify the client and write/read the associated session data. It is important to note that this cookie is not persistent (wouldn't survive browser restarts) and is emitted with the HttpOnly flag meaning that client scripts cannot access it.

In addition to cookies you could also configure ASP.NET to use hidden fields or append the session id to the query string on each request.

So the base idea behind session is that the actual data is stored somewhere on the server and the client sends some ID on each request so that the server can know where to find its data.

By default there are 3 places where the actual session data can be stored:

  • In-Proc: the session is stored into the memory of the application (fastest but if you have multiple servers in a server farm this won't work)
  • Out-of-Proc: the data is stored into a separate server which has the State service installed (the data is stored in the memory of a separate machine meaning that multiple web servers can work in a web farm)
  • SqlServer: the data is stored in SQL Server (it's the slowest but most reliable as the session data is stored in a SQL Server database and could servive if the Session server crashes which is not the case with Out-Of-Proc)
  • Custom implementation: thanks to the extensibility of ASP.NET you could write your own session provider and store the data wherever you like.

Here's a good article on MSDN which explores the ASP.NET Session State.

like image 93
Darin Dimitrov Avatar answered Oct 04 '22 01:10

Darin Dimitrov


Session: [Stored on Server side]

1.If you create the session means,the server stores your session data and creates one SessionID . [Session Data with SessionID stored in State Provider in Server]

2.Then the server Returns the SessionID to the client's browser.

3.Then you can store the returned SessionID in Cookie.

4.Upcoming Subsequent request attached with SessionID can access the Server Data.

Note: Session only for current browser Session and user specific.

like image 20
Vicky Avatar answered Oct 03 '22 23:10

Vicky