Using session FAQ in asp.net-practical tips

In the jar often see some questions about the session, the following to make a summary, I hope to help you:

Q: Why is session occasionally lost on some machines?
A: May be related to the environment of the machine, such as: Firewall or anti-virus software, etc., try to shut down the firewall.

Q: Why did the Session_End method not fire when calling Session.Abandon?
A: First, the Session_End method only supports session InProc (in-process) types. Second, to fire the Session_End method, the session must exist (that is, the session is already in use in the system), and at least one request will be completed (the method is called in this request).

Q: Why is it often lost when I use the session in InProc mode?
A: This problem is usually caused by an application being reclaimed, because when you use an in-process session, the session is saved in the aspnet_wp process, and when that process is recycled, it's not there. Determines whether the process is recycled and can obtain information by viewing the system's Event Viewer.
For specific information please refer to:
Session variables are lost intermittently in asp.net applications
http://support.microsoft.com/default.aspx?scid=kb;en-us; Q316148
A bug at 1.0 also causes the worker process to be reclaimed and restarted, and the bug has been fixed in 1.1 and SP2.
For more information on this bug, please refer to:
asp.net Worker Process (aspnet_wp.exe) is recycled unexpectedly.
http://support.microsoft.com/default.aspx?scid=kb;en-us; Q321792

Q: Why is the ID of the new session the same as the original after the session timed out or abandoned?
A: Because SessionID is stored in the client browser instance, when the session timeout in the server to re-establish session, will use the browser from the SessionID, so when the session times out, and then re-establish after the SessionID unchanged.

Q: Why is the sessionid of each request different?
A: The problem may not be caused by saving any information in the session, that is, no session is used anywhere in the program. SessionID will always be relevant to the browser when the information is saved in the session, and the SessionID will not change at this time.

Q: Can you share the session between ASP and asp.net?
Answer: Yes. But this is a more complicated process, Microsoft has provided the official solution, please refer to: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaspp/html/ Converttoaspnet.asp

Q: What type of object can be saved in the session?
A: This relies on the use of Session mode, which is used in-process (INPROC) sessions so that you can easily save any objects. If you use a inproc pattern, you can only save objects that are serializable and deserialized, and you cannot save to a session in this mode (not InProc) if the object you are saving is not serializable.

Q: Why can't I jump the page using the Response.Redirect and Server.Transfer methods in Session_End?
A: Session_End is an event-handling function that fires inside the server. It is based on a timer within a server, and there is no associated HttpRequest object on the server when the event is fired, so the Response.Redirect and Server.Transfer methods are not available at this time.

Q: Can I get HttpContext objects in the Session_End?
A: No, because this event is not associated with any requests (request), and there is no context based on the request.

Q: How do I use the session in a Web service?
A: To use session in a Web service, you need to do some extra work with the caller of the Web service, and you must save and store the cookies that are used when calling the Web service. Please refer to the Httpwebclientprotocol.cookiecontainer properties of the MSDN documentation for more information. However, if you use a proxy server to access the Web service because of the limitations of the framework, neither session can be shared.

Q: Why not use the session when customizing your own HttpHandler?
A: When implementing your own HttpHandler, if you want to use session you must implement one of the following two markup interfaces: IRequiresSessionState and Ireadonlysessionstate, These interfaces do not have any method to implement, just a markup interface and a method that uses the INamingContainer interface.

Q: When I use Webfarm, why is the session lost when I redirect to another Web server?
A: For more information, please refer to:
Prb:session the Lost in Web Farm If your use SQL Server or StateServer session Mode
http://support.microsoft.com/default.aspx?scid=kb;en-us;325056

Q: Why is my session not valid in the Application_onacquirerequeststate method?
A: Session only works after the Httpapplication.acquirerequeststate event call.
For more information, please refer to:
Http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconhandlingpublicevents.asp

Q: If cookieless is used, how do I redirect from an HTTP page to HTTPS?
A: Please try the following methods:
String Originalurl = "/fxtest3/sub/foo2.aspx";
String Modifiedurl = "Https://localhost" + response.applyapppathmodifier (Originalurl);
Response.Redirect (Modifiedurl);

Q: Does the session work in those events in the Global.asax?
A: The session is valid only after the AcquireRequestState event, and the event after that event can use session.

Q: How do I get all the objects saved in the current session?
A: You can get it by traversing all the Session.keys. The code is as follows:
ArrayList sessioncollection = new ArrayList ();
foreach (String strkey in Session.keys) {
Sessioncollection.add (Session[strkey]);
}

Q: Can I share the session in different applications?
A: You cannot share directly. You can refer to how to share the session between ASP and ASP.net.

Q: What's the difference between Session.Abandon and session.clear?
A: The main difference is that when using Session.Abandon, the Session_End method (InProc mode) is invoked. The Session_Start method is fired when the next request arrives. Session.clear only clears all the data in the session and does not abort the session, and therefore does not call those methods.

Q: Does the session provide a locking mechanism in order to access the state value of the session sequentially?
A: Session implementation of the Reader/writer lock mechanism:
When the page has writable functionality to the session (that is, the page has the <%@ page enablesessionstate= "True"%> tag), the session holding a write lock is held until the session on which the page is requested to complete.
When the page has read-only functionality to the session (that is, the page has the <%@ page enablesessionstate= "ReadOnly"%> tag), it knows that the session that requested the page to complete holds a read lock.
Read locks block A write lock, read locks do not block read locks, and write locks block all read and write locks. This is why the same page in both frames writes the same session, and one of them waits for the other (the slightly faster one) to finish before it begins to write.

Q: What does the session smoothing timeout mean?
A: The session smoothing timeout means that as soon as your page is accessed (using) The session, the timeout time will be refreshed (as can be understood as a rerun), that is, the timeout will be recalculated when the page request starts. However, the page cannot disable session. It automatically accesses the session of the current page and refreshes the timeout period.

Q: Why is the session not valid in the event handler function in Global.asax?
A: Depending on which event handler function is used session,session after the AcquireRequestState event, all event handlers after the event can use the session, but not before.

Q: When I write a component that relies on the session of the current application, why not use session["Key" directly to get its value?
Answer: session["Key" is actually this. session["Key", which is provided as a property of page, so you cannot use this attribute directly in your component. You can use the session in the following ways:
httpcontext.current.session["Key" = "My seesion Value";

Q: When I use InProc mode to save the session, where is the session saved at this time?
A: Different IIS are handled in a different way,
When the IIS5 is used, the session is kept in the Aspnet_wp.exe process space.
When using IIS6, all applications share the application pool by default, and the session is saved in the W3wp.exe process space.

Q: Is the session timeout set to minutes or seconds?
A: It's a minute, the default is 20 minutes.

Q: Will my session be saved when the page appears to be wrong? I need to deal with some cleanup work in Session_End, but I failed, why?
A: Session_End is executed only if the session is running in InProc mode. The account that Session_End uses is the account that runs the aspnet_wp worker process (this can be set in Machine.config). Therefore, if you link to SQL using integrated security in the Session_End method, it will open the link using the account number of the aspnet_wp process, and success depends on your SQL security settings.

Q: Why is it that when I set cookieless to true, I lose my session when I redirect?
A: When using cookieless, you must use the relative path to replace the absolute path in the program, if using absolute path asp.net will not be able to save SessionID in the URL.
For example: Replace the \mydir\mysubdir\default.aspx with ... \default.aspx can be.

Q: How do I store sortedlist in session or cache?
Answer: Refer to the following method:
 sortedlist x = new SortedList ();
 x.add ("Key1", "Valuea");
 x.add ("Key2", "Valueb");
  Save to session:
 session["SortedList1"] = x;
  is obtained using the following method:
 sortedlist y = (sortedlist) session["SortedList1"]; The same is true for
 chahe.

Q: Why do I get this error message "Session state can just be used as EnableSessionState is set to true, either in a configuration File or in the Page directive?
A: This problem may be in a Microsoft Visual Studio that is already installed. NET development environment, and then after Windows Sharepoint Server (WSS) is installed. The
 wss ISAPI filter handles all requests. When you browse a asp.net application through a virtual directory, the ISAPI filter does not assign URLs to the folder directory.
  WORKAROUND: Do not use session on the WSS-installed machine.
  For more information refer to:
 session state cannot is used in asp.net with Windows SharePoint Services
 http:// support.microsoft.com/default.aspx?scid=kb;en-us;837376

Q: How do I delete a session variable?
A: You can use the Httpsessionstate.remove () method to delete a session variable.

Q: Is there a way to know how much memory the application session is consuming at run time?
Answer: No. At present this value cannot be verified, at least I do not see this information at present. But you can probably estimate a value from the Performance Monitor and the program code.

Q: When the page is frameset, the SessionID that displays the page in each frame is not the same on the first request, why?
A: The reason is that your frameset is placed on an HTM page rather than an ASPX page.
  In general, if frameset is an ASPX page, when you request a page, it first sends the request to the Web server, the SessionID is already available, and then the browser requests the other pages in the frame, respectively, So all the pages of the SessionID is the same, is the frameset page SessionID.
  However, if you use an HTML page to do a frameset page, the first request will be an HTML page, and when the page is returned from the server there is no session generated, and then the browser will request the page inside the frame, So that these pages will generate their own sessionid, so in this case this problem occurs. When you refresh the page, the SessionID will be the same and the SessionID of the last request page.

Q: Can you save sessions for different applications on different databases on the same SQL Server server?
A: Yes, please refer to:
 fix:using one SQL database for all applications to SQL Server session cause a Bottlenec K
 http://support.microsoft.com/default.aspx?scid=kb;en-us;836680

Q: In Session_End is it possible for me to get valid HttpSessionState and HttpContext objects?
A: You can get the HttpSessionState object in this method, you can access it directly using the session. However, the HttpContext object cannot be obtained because the event is not associated with any request, so there is no context object.

Q: In SQL Server mode, why is my session not available?
A: In SQL Server mode, session expiration is done through the registration of SQL Agent, please check that your SQL Agent is running?

Q: When I set EnableSessionState to "ReadOnly", but I can still modify the session value in InProc mode, why?
A: Even if EnableSessionState is marked as ReadOnly, the user can still edit the session in InProc mode. The only difference is that the session will not be locked during the request process.

Q: How can I avoid specifying a password when linking to SQL?
Answer: Use a trusted link or use an encrypted link string. For more information on this, please refer to:
asp.net Utility to Encrypt Credentials and sessions State Connection Strings
http://support.microsoft.com/default.aspx?scid=kb;en-us;329290

Q: How do I use the session in my own class?
A: You can use the HttpContext.Current.Session method, the specific methods are as follows:
httpcontext.current.session["SessionKey"] = "sessionvalue";
Similarly you can use the Application object in this way.

Q: Why was my request suspended after switching to SQL Server mode?
A: Check to see if all of the sessions are saving objects that can be saved in SQL Server mode, that is, these objects must support serialization.

Q: What happens when the session is set to cookieless?
A: When you set the cookieless to true, there are mainly the following constraints:
1, can not use the absolute link in the page
2, in the application in addition to HTTP and HTTPS switch between the need to complete a number of other steps.
If you send a link to another person, the URL will contain the session ID information, so two people will be common to a session.

Q: Can I save the session in the database?
A: Of course, for more information please refer to: http://support.microsoft.com/default.aspx?scid=kb;en-us;311209