Configuration of sessionstate in Web. config

Web Form Web pages are HTTP-based, they have no state, which means they don't know whether all requests come from
On the same client computer, the Web page is compromised, and if it is refreshed, it can cause information
Lost. As a result, state management becomes a real problem in developing Web applications.
These problems can be easily solved by using cookies, query strings, applications, sessions, etc. in ASP.
Now in the ASP. NET environment, we can still use these features, and the functionality is more powerful.
State management is divided into two cases: server and client, and this is just about server state management.

Unlike the Application object, an ASP. NET Session object can be used when the IIS server or worker process restarts
Restores the pre-boot state without losing the data. This is because the information stored in the session is stored by default in the
A state server process that is running as a Windows service. The state can be serialized and stored in memory in binary form.
Programmers can suspend the use of Microsoft SQL Server databases to store data.

The state Server service and state information can exist on the same server as the Web application, or it can be saved to an external
On the state server. To specify how information is stored, programmers can write the appropriate configuration in the Web. config file.

Asp. NET session state module in the Web. config file <System.web> tag under the <Sessionstate> tag's mode property to determine
The four possible values for this property are: Off, Inproc stateserver, and SQL Server.

1 InProc is the default setting

It allows "cookie-free" sessions, as well as storage outside the server
Session data. Asp. NET session state module is configured in the Web. config file as follows:

<sessionstate mode= "InProc" cookieless= "false" timeout= "/>"

In this example, the Mode property is set to InProc (the default), which indicates that the session state is to be stored in memory by ASP.
No cookie is used to pass the session ID. Instead, the session ID is inserted directly into the query string of a Web page URL. For example, using
After inproc the mode and establishing a session, invoking an imaginary ASP. NET page requires the following URL:

http://my.website.com/(12MFJU55VGBLUBJLWSI4DGJQ)/education.aspx

Long letters and numeric strings in parentheses are the session IDs. Asp. NET engine extracts the session ID from the query character and adds the user
Requests are linked to a specific session. In this way, no cookie or hidden form fields are unnecessary.
So, even if you don't use a form in your Web page, you can join a conversation.

But this way, the state of the application will depend on the ASP. NET process, when the IIS process crashes or restarts normally, save the
The status in the process is lost.

2 Mode property is set to Off

Like the previous ASP, ASP. NET session state management is to incur overhead. So, if a webpage doesn't need access
Session object, the developer should set the page precompiled Directive's EnableSessionState property to False.
To disable session state for the entire Web site, you can set the Mode property of the sessionstate element to off in the Web. config file.

To overcome the drawbacks of the InProc model, ASP. NET provides two ways to save session state outside of the process.

3 StateServer Session Management

Set the Mode property to StateServer, which is to store session data in a separate memory buffer and run on a separate machine

Windows services to control this buffer. The full name of the status service is "ASP." (Aspnet_state.exe),

It is configured by the stateConnectionString property in the Web. config file. This property specifies the server on which the service resides, and the

Port of view:
<sessionstate mode= "StateServer"
Stateconnectionstring= "tcpip=myserver:42424"
Cookieless= "false" timeout= "/>"

In this example, the State service runs on port 42424 (the default port) of a machine named MyServer. To change on the server

Port, you can edit the port value in the Hklm/system/currentcontrolset/services/aspnet_state registry key.

Obviously, the advantage of using a state service is process isolation and can be shared in a Web farm. With this mode, session state storage will not

Depending on the failure or restart of the IIS process, all session data will be lost once the state service is aborted. In other words, the state service does not

The data is persisted as SQL Server does, and it simply stores the data in memory.

4 Session Management with SQL Server

Asp. NET also allows session data to be stored in a database server by turning the Mode property into SQL.
In this case, ASP. NET attempts to store session data in the sqlConnectionString attribute (which contains the data source and the logon service

Security credentials required by the server.
In order to configure SQL erver with the appropriate database objects, the administrator also needs to create the ASPState database.
Method is to run the Installstate.sql script in the Windir/microsoft.net/framework/version folder (windir is the service

Windows folder, and version is the installation folder for the. NET Framework version you are using.
To configure a SQL Server, you can run SQL Server-provided command-line tools on the command line Osql.exe

osql-s [Server name]-u [user]-p [Password] <installsqlstate.sql
For example
Osql-s (local)/netsdk-u sa-p ""-I InstallSqlState.sql

Here the user name must be the SA account on the SQL Server, or another account with equivalent permissions. Interested readers can open the
This script file to understand how ASP. NET implements state management with SQL Server.

To unload these tables and stored procedures, you can use the UninstallSqlState.sql script, similar to the previous method.

After you have done the necessary database preparation, change the mode of the sessionstate element in the Web. config file to "SQL Server"
, and specify the SQL connection string. Specific as follows:

mode= "SQL Server"
sqlconnectionstring= "Data source=127.0.0.1; Userid=sa; Password= "

When SQL Server is configured, the application code runs with no difference from InProc mode. However, it is important to note that since the data does not exist

stored in local memory, so objects that store session state need to be serialized and deserialized to pass the network to the database server.

and returned from the database server. This will of course affect performance. By storing session state in the database, you can individually target scalability and reliability

To effectively balance performance. In addition, you can leverage the SQL Server cluster so that the state store does not depend on a single SQL Server,
This provides maximum reliability for the application.

Configuration of sessionstate in Web. config