asp_net

State Management and Web Application

Server-Side State Management Options

In Server Side State management, the information will be stored on the server, the good side is that it has higher security but it consumes more web server resources. By using Server Side State management options you can manage application and session-related information. These options are following:

â¢ Session state

â¢ Application state

â¢ Profile properties

â¢ Database support

Session State

Session state is used to store the session-specific information that needs to be maintained between server round trips and between requests for pages.

In a session state, the session-specific values and objects can be stored, which is then managed by the server and available to the browser.

Session object is per-client basis, which means different clients generate different session object. The ideal data to store in session-state variables is short-lived, sensitive data that is specific to an individual session.

Session Events

There are two events that help you manage user sessions: the Session_OnStart event, which is fired when a new session begins, and the Session_OnEnd event, which is fired when a session is abandoned or expires. Session events are specified in the Global.asax file an application. It is important to note that the Session_OnEnd event is only supported if the session mode is set to InProc, which is the default mode.

Parallel Requests and Session State

When two parallel requests are made for the same sessionID value then the first request received gains exclusive access to the session information and the second request will execute once the first request completes, or until the exclusive lock on the information is freed due to the first request exceeding the lock timeout.

In ASP.NET, the session state has a built in support due to that the session state automatically performs the following actions:

â¢ Session state recognizes and categorizes requests coming from a browser into a logical application session on the server.

â¢ To use across multiple browser requests, it store the session-specific data on the server.

â¢ It raises session lifetime-related events, such as Session_OnStart and Session_OnEnd, which can be handled using application code.

In ASP.NET, every active session is recognized and tracked using a 120-bit SessionID string containing URL-legal ASCII characters.

Example:

//To set the session

Session ["mystring"] = "HELLO eBIZ";

//To display the value of mystring

Response.Write(Session["mystring"]);

A session starts when a user requests the first page from a Web Site. On first page request, the Web server adds the ASP.NET SessionID cookie to the client computer. You can view the value of session ID using the following statement:

Response.Write(Session.SessionID);

The Abandon() method of the Session object can be used to explicitly stop a user session, by using the following statement:

Session.Abandon();

By default value of timeout is 20 minutes. You can also modify the Timeout property of the Session object to change the value of timeout.

Advantages of using Session state:

â¢ You can use session events to perform conditional execution of user-defined tasks as it is event driven.

â¢ Data located in session state variables and objects can be preserved through Internet Information Services (IIS) restarts and worker-process restarts without losing session data because the data is stored in another process space.

â¢ Session states can be used in both multi-computer and multi-process configurations.

â¢ A session state capable to work with browsers that do not support HTTP cookies.

â¢ A session-state can be customized and extended by coding your own session-state provider.

Limitations in using Session State:

â¢ Session state variables are stored in memory until they are either removed or replaced. This can degrade performance of the Web server.

Application state

Application state is a global storing method that is accessible from all pages in the Web application. Therefore, application state is helpful for storing information that needs to be preserved between server round trips and between requests for pages. The information in the application state variable is stored in a key-value pair and is used to preserve data consistency between server round trips and between pages. You can share information stored in the application state among all the pages of the Web application by using the HttpApplicationState class. The HttpApplictaionState class is accessed using the Application property of the HttpContext object. These variables and objects are global to an ASP.NET application. The application state variable can created as follows:

Application["myappvar"] = "Hello eBIZ";
// to get the value of variable
string mystr= (string)Application["myappvar"];
// to remove the variable
Application. Remove (["myappvar"]);
//to remove all variable for application state:
Application.RemoveAll ();

The ASP.NET application supports events. Two important events associated with ASP.NET application are discussed following:

Application Events

Application_Start: This event is fired when an application starts. If you want a code to be executed as the application starts, you should add it to the Application_Start event. This event is fired only when the application starts and is not fired again until the IIS is stopped, the Global.asax file is modified, or the application is unloaded.

Application_End: This event is fired when an application ends.

Considerations for using Application State

â¢ As these variables are stored in server memory, so the number of variables and objects in an application state should be minimum. It will increase the load on the Web server and the server response will be slow. So use application state variables wisely and remove variable if not used. Instead of using application state, you can use the caching mechanism for storing large amounts of application data.
â¢ It is important to make sure that the multiple pages within an application can access values stored in an application state simultaneously. Thatâs why, one to avoid deadlocks and access violations one should use explicit synchronization methods.

Advantages of using Application state:

â¢ It is easy to use an Application state and is reliable with other .NET Framework classes.

â¢ Only one copy of information maintained to store information in an application state

Limitations in using Application State:

â¢ When the Web server containing the application state stop working due to a server crash, upgrade, or shutdown then the data stored in an application state is lost.

â¢ As application state requires server memory, so it affects the performance of the server and the scalability of the Web application.

Profile Properties

Often, you want to store and use information that is unique to a user. In ASP.NET 2.0, the profile properties allow to store the user-specific data. The profile properties feature is similar to session state, excluding that the profile data is not lost when a user session expires. The ASP.NET profile allows you to manage user information without maintaining any database. In addition, profile properties make the user information available using a strongly typed API that which can be accessed from anywhere in your application.

You can configure the profile feature by modifying the configuration file for your ASP.NET Web application.

In the configuration file, you would define a profile property named MyProfileData. The profile segment of the configuration file can be written as following:

<profile>
<properties>
<add name=" MyProfileData " />
</properties>
</profile>
//to set a value defined in profile property
Profile.MyProfileData = txt MyProfileData.Text;
//to get of profile property
string myprofilestr= (String)Profile.MyProfileData;

Advantages of using Application state:

â¢ It is easy to use the profile properties feature.

â¢ Only one copy of information can be used for every session.

Limitations in using Session State:

â¢ Profile properties variables are stored in memory until they are either removed or replaced. This can cause to slow performance of the Web server.

Database Support

Sometimes, a user wants to store large amount of information then user needs database support to maintain state on your Web site. Normally, database support is used in conjunction with cookies or session state. The reasons using a relational database for a Web site to maintain state information is following:

â¢ Security: As the information in the database is more secure.

â¢ Personalization: To personalize the web site.

â¢ Consistency: The web sites also contain some information which must be updated after a transaction, so it requires data consistency which is provided by the database.

â¢ Data mining: To maintain reliability of information stored in a database concerning about your site usage, your visitors, or your product transactions.

Example

Add this code to configuring web.config file to use SQL Server:

Advantages of using a database to maintain state are:

â¢ A database is more secure option to store information as it needs proper authentication and authorization.

â¢ A large amount of information can be stored in database to maintain state.

â¢ Database support to maintain state includes collection of rules as applicable on data like referential integrity and data integrity which will be helpful to reduce the error rate.

â¢ There are a large number of database tools available, and many custom configurations are available.

Disadvantages of using a database to maintain state are:

â¢ A complex hardware and software configurations is needed to use database to support state management.

â¢ The performance of the server will be affected in case of imperfect relational data model for a database.