ASP. NET session easy to lose solution

Web Form Web pages are HTTP-based and have no state, which means that they do not know whether all requests are from the same client computer, that the Web page is corrupted, and whether it has been refreshed, which could result in the loss of information.     As a result, state management becomes a real problem in developing Web applications. These problems can be easily solved by using cookies, query strings, applications, sessions, etc. in ASP. Now in the ASP. NET environment, we can still use these features, and the functionality is more powerful. State management is divided into two cases: server and client, and this is just about server state management.

Unlike the Application object, the Session object of ASP. NET can restore the state of the pre-boot status without losing the data in the IIS server or worker process restart. This is because the information stored in the session is stored by default in a state server process that is running as a Windows service. The state can be serialized and stored in memory in binary form. Programmers can suspend the use of Microsoft SQL Server databases to store data.

The state Server service and state information can exist on the same server as the Web application, or it can be saved to an external state server. To specify how information is stored, programmers can write the appropriate configuration in the Web. config file.

Asp. NET session state module in the Web. config file <System.web> tag under the <Sessionstate> tag's mode property to determine the four possible values of the property: Off, Inproc StateServer    and SQL Server. 1 InProc is the default setting
It allows a "no cookie" session and stores session data outside the server. Asp. NET session state module is configured in the Web. config file as follows:

<sessionstate mode= "InProc" cookieless= "false" timeout= "/>"

In this example, the Mode property is set to InProc (the default), which indicates that the session state is to be stored in memory by ASP, and that no cookie is used to pass the session ID. Instead, the session ID is inserted directly into the query string of a Web page URL. For example, after using InProc mode and establishing a session, invoking an imaginary ASP. NET page requires the following URL:

http://my.website.com/(12MFJU55VGBLUBJLWSI4DGJQ)/education.aspx

Long letters and numeric strings in parentheses are the session IDs. Asp. NET engine extracts the session ID from the query character and links the user request to a specific session. In this way, no cookie or hidden form fields are unnecessary. So, even if you don't use a form in your Web page, you can join a conversation.

But this way, the state of the application will depend on the ASP. NET process, the state saved in the process is lost when the IIS process crashes or a normal restart occurs.

2 Mode property is set to Off
Like the previous ASP, ASP. NET session state management is to incur overhead. Therefore, if a webpage does not need to access the session object, the developer should set the page precompiled Directive's EnableSessionState property to False. To disable session state for the entire Web site, you can set the Mode property of the sessionstate element to off in the Web. config file.

To overcome the drawbacks of the InProc model, ASP. NET provides two ways to save session state outside of the process.

3 StateServer Session Management

Set the Mode property to StateServer, which is to store session data in a separate memory buffer and run on a separate machine

Windows services to control this buffer. The full name of the status service is "ASP." (Aspnet_state.exe),

It is configured by the stateConnectionString property in the Web. config file. This property specifies the server on which the service resides, and the

Ports to view: <sessionstate mode= "StateServer" stateconnectionstring= "tcpip=myserver:42424" cookieless= "false" timeout= "/>" In this example, the State service runs on port 42424 (the default port) of a machine called MyServer. To change on the server

Port, you can edit the port value in the Hklm\system\currentcontrolset\services\aspnet_state registry key.
Obviously, the advantage of using a state service is process isolation and can be shared in a Web farm. With this mode, session state storage will not

Depending on the failure or restart of the IIS process, all session data will be lost once the state service is aborted. In other words, the state service does not

The data is persisted as SQL Server does, and it simply stores the data in memory.

4 Session Management with SQL Server
Asp. NET also allows session data to be stored in a database server by turning the Mode property into SQL. In this case, ASP. NET attempts to store session data in the sqlConnectionString attribute (which contains the data source and the logon service

Security credentials required by the server. To configure SQL erver with the appropriate database objects, administrators also need to create ASPState databases by running Windir\microsoft.net\framework\ The Installstate.sql script in the version folder (windir is the service

Windows folder, and version is the installation folder for the. NET Framework version you are using. To configure a SQL Server, you can run SQL Server-provided command-line tools on the command line Osql.exe

osql-s [Server name]-u [user]-p [password] <installsqlstate.sql for example osql-s (local) \netsdk-u sa-p ""-I Installsql State.sql

Here the user name must be the SA account on the SQL Server, or another account with equivalent permissions. Interested readers can open this script file to see how ASP. SQL Server is implemented with state management.
To unload these tables and stored procedures, you can use the UninstallSqlState.sql script, similar to the previous method.

After you have done the necessary database preparation, change the mode of the sessionstate element in the Web. config file to "SQL Server" and specify the SQL connection string. Specific as follows:

mode= "SQL Server" sqlconnectionstring= "Data source=127.0.0.1; Userid=sa; Password= "

When SQL Server is configured, the application code runs with no difference from InProc mode. However, it is important to note that since the data does not exist

stored in local memory, so objects that store session state need to be serialized and deserialized to pass the network to the database server.

and returned from the database server. This will of course affect performance. By storing session state in the database, you can individually target scalability and reliability

To effectively balance performance. In addition, you can leverage the SQL Server cluster so that the state store does not rely on a single SQL Server, so that you can provide maximum reliability for your application.

ASP. NET session easy to lose solution