The sessionState Section

Session state support in ASP.NET is much more extensive and flexible than it was in ASP. For developers of small Internet or intranet Web sites, the session support offered by ASP was adequate. The problem was that ASP session state didn't scale out to multiple Web servers. ASP session state was stored on the Web server, and so using a system like Microsoft's Network Load Balancing provided no assurance that the same server in a Web server farm would service each request from a particular client. Another limitation of ASP session state is that it requires cookies to work. This constraint has become less of a problem because now virtually all browsers support cookies, and the sheer number of Internet sites that require cookies enabled have forced all but the most paranoid users to accept at least nonpersistent cookies.

The sessionState section of Web.config controls how session state is managed. The <sessionState> tag supports five attributes, as described in Table 4-12.

Table 4-12 : Attributes of the <sessionState> Tag

Attribute

Option

Description

mode

Specifies where session state is stored.

Off

Specifies that no session state is saved.

Inproc

Specifies that session state is saved locally, similar to ASP session state.

StateServer

Specifies that session state is saved on a remote state server.

SqlServer

Specifies that session state is saved in a SQL Server.

cookieless

Specifies whether session state should be saved without using client cookies.

true

Specifies that sessions without cookies are being used.

false

Specifies that sessions do use cookies. This is the default.

timeout

Specifies the number of minutes a session can be idle before it is abandoned. The default is 20 minutes, the same as in ASP.

stateConnectionString

Specifies the server name and port where session state is stored remotely (for example, 192.168.1.100:8484). This attribute is required when mode is set to

Table 4-12 : Attributes of the <sessionState> Tag

Attribute

Option

Description

StateServer.

sqlConnectionString

Specifies the connection string for the SQL Server where the state is to be saved (for example, data source=192.168.1.100; user id=sa;password=). This attribute is required when mode is set to SqlServer.

The same rules about trying to minimize the amount of data stored in session state that applied in ASP still apply in ASP.NET.

0 0

Post a comment