Storage mode
1.InProc mode
This is the default session management mode of the ASP, which maintains the session within the application process.
2.StateServer mode
This is installed on the server. NET environment after a StateServer service, in the application process management session, can be multi-application between the session sharing.
3.SQLServer mode
This is the hosting of the session using SQL Server. The advantage is that SQL Server can be used to deal with the massive session, outside the application process, durable, high security advantages.
4.Custom mode
This is a custom mode, play a large space, in the case of owning provider, can use this mode to play, using a variety of data storage procedures for session management.
InProc mode is the default usage mode comparison for single apps.
StateServer mode also needs to configure the registry;
SQL Server mode uses MS DB;
If there are multiple servers or there is a sessionid problem, the disadvantage is to use MS customization, not cross-language. Custom mode is better suited to combine third party provider such as Redis,memecache,mongodb
For scenarios that are shared with multiple service load sessions, because MVC itself has viewstate these, there is no need to configure machinekey if you use SQL Server or StateServer session mode to resolve SessionID inconsistencies ( Before the reflection modification is consistent or the same ID is created)
Redis-based implementation
Because the Redis-based implementation Harbour.redissessionstatestore relies on Servicestack.redis to say that the 4.x version has a request limit, So the choice of Microsoft.Web.RedisSessionStateProvider, use is relatively simple
pm> install-package Microsoft.Web.RedisSessionStateProvider
<sessionstateMode= "Custom"CustomProvider= "Redissessionstatestore"> <providers> <!--either use ' connectionString ' and provide-parameters as String OR use ' host ', ' Port ', ' AccessKey ', ' SSL ', ' connection Timeoutinmilliseconds ' and ' operationtimeoutinmilliseconds '. - <!--' throwOnError ', ' retrytimeoutinmilliseconds ', ' databaseId ' and ' applicationname ' can is used with both options. - <!-- <add name= "Redissessionstatestore" host = "127.0.0.1" [String] Port = "" [number] AccessKey = "" [String] SSL = "false" [True|false] throwOnError = "true" [true|false] retrytimeoutinmilliseconds = "[number] DatabaseId =" 0 "[number] ApplicationName = "" [String] connectiontimeoutinmilliseconds = "Operationtimeout" [number] Inmilliseconds = "$" [number] connectionString = "<valid Stackexchange.redis connection string>" [Stri NG] Loggingclassname = "<assembly qualified class name that contains logging method specified below>" [St Ring] Loggingmethodname = "<logging method should is defined in Loggingclass. It should is public, static, does not take any parameters and should has a return type of system.io.textwriter.> "[Str ing]/> - <Addname= "Redissessionstatestore"type= "Microsoft.Web.Redis.RedisSessionStateProvider"Host= "xxx.xxx.xxx.xxx"AccessKey=""SSL= "false" /> </providers> </sessionstate>
Also ensure that the domain where the cookies are configured
<domain= ". xxx.com" httponlycookies= "true"/>
Destroy session
/// <summary> ///User log out/// </summary> /// <param name= "ReturnUrl" ></param> /// <returns></returns> PublicActionResult SignOut (stringreturnUrl) { //Clear SessionSession.Abandon (); Session.clear (); //Clear Automatic Login cookievar cookie =Request.cookies[constantkey.autologinkey]; if(Cookie! =NULL) {cookie. Domain=". xxx.com"; Cookies. HttpOnly=true; Cookies. Expires= DateTime.Now.AddDays (- -); Response.appendcookie (cookie); } returnredirecttolocal (RETURNURL); }
!!! Other points of attention
SessionId inconsistency problem
PRB: Session state is lost if you use SQL Server or StateServer session mode in a Web farm
https://support.microsoft.com/zh-cn/kb/325056
The use of amusing stateserver in the Web Garden,web Farm
Www.cnblogs.com/UliiAn/p/3463720.html
ASP. StateServer Session Sharing problem
Http://www.cnblogs.com/ryhan/p/3748976.html
The domain of cookies
<domain= ". xxx.com" httponlycookies= "true"/>
SQL Server Mode
http://www.cnblogs.com/haoxue/archive/2010/10/11/asp_net_session_share.html
Http://www.cnblogs.com/whyloverjack/archive/2011/11/10/2244719.html
Custom mode Provider
Redis
Redis-based implementations
Harbour.redissessionstatestore
Https://github.com/TheCloudlessSky/Harbour.RedisSessionStateStore
Asp. NET cross-app sharing session and using Redis for session hosting
Http://www.cnblogs.com/UliiAn/p/3554863.html
Microsoft.Web.RedisSessionStateProvider
Https://www.nuget.org/packages/Microsoft.Web.RedisSessionStateProvider
MongoDB
Custom ASP. NET session state store using MongoDB
http://www.adathedev.co.uk/2011/05/mongodb-aspnet-session-state-store.html
Https://github.com/AdaTheDev/MongoDB-ASP.NET-Session-State-Store
Memecache
https://github.com/enyim/memcached-providers
Http://www.cnblogs.com/luminji/archive/2011/11/03/2195704.html
AppFabric
https://msdn.microsoft.com/zh-cn/library/ee790859.aspx
Http://www.cnblogs.com/xling/archive/2012/07/20/2600439.html
Refer:
Exploring Session in ASP.
Http://www.codeproject.com/Articles/32545/Exploring-Session-in-ASP-Net
announcing ASP. NET Session state Provider for Redis Preview Release
http://blogs.msdn.com/b/webdev/archive/2014/05/12/ Announcing-asp-net-session-state-provider-for-redis-preview-release.aspx
ASP. NET Session state Provider for Azure Redis Cache
https://msdn.microsoft.com/en-us/library/azure/dn690522.aspx
Implement multiple sites (subdomain same) to share the same user logon status in Forms Authentication mode
http://www.cnblogs.com/caomao/archive/2005/07/05/186606.html#3013251
ASP. NET level two domain name site sharing Session state
http://www.cnblogs.com/jzywh/archive/2008/11/02/ShareSession.html
ASP. NET multi-server session sharing
Http://www.cnblogs.com/2814/archive/2012/11/06/2757538.html
ASP. NET MVC uses Redis shared session