ASP.NET Session State
ASP.NET session state enables you to store and retrieve values for a user as the user navigates the different ASP.NET pages that make up a Web application. HTTP is a stateless protocol, meaning that your Web server treats each HTTP request for a page as an independent request; by default, the server retains no knowledge of variable values used during previous requests. As a result, building Web applications that need to maintain some cross-request state information (applications that implement shopping carts, data scrolling, and so on) can be a challenge. ASP.NET session state identifies requests received from the same browser during a limited period of time as a session, and provides the ability to persist variable values for the duration of that session.
ASP.NET session state is enabled by default for all ASP.NET applications. ASP.NET session-state variables are easily set and retrieved using the Session property, which stores session variable values as a collection indexed by name. For example, the following code example creates the session variables
LastName to represent the first name and last name of a user, and sets them to values retrieved from TextBox controls.
Session("FirstName") = FirstNameTextBox.Text Session("LastName") = LastNameTextBox.Text
Session["FirstName"] = FirstNameTextBox.Text; Session["LastName"] = LastNameTextBox.Text;
ASP.NET stores session information in the memory space of the ASP.NET application by default. You can, optionally, store session information using a stand-alone service so that session information is preserved if the ASP.NET application is restarted, in a SQL Server so that session information is available to multiple Web servers in a Web farm (and also persists if the ASP.NET application is restarted), or in a custom data store. For more information, see Session-State Modes.
ASP.NET also provides several other options for persisting data within an application besides session state. For a comparison of each, see ASP.NET State Management Recommendations.
In This Section
- Session State Overview
Describes the different capabilities of the session-state feature.
- Session Identifiers
Describes how a browser is identified with a particular session.
- Session-State Events
Describes session-state events that can be added to the global.asax file.
- Session-State Modes
Discusses the different session-state storage modes.
- Securing Session State
Describes security issues to consider when using session state.
- How to: Save Values in Session State
Provides a sample of storing values in session-state variables.
- How to: Read Values from Session State
Provides a sample of reading values from session-state variables.
- Implementing a Session-State Store Provider
Describes how to create a custom session-state store provider and includes a sample.
Provides classes and interfaces that enable storage of application data in session state.
Provides access to the session for the current HTTP request.
- ASP.NET State Management Recommendations
Describes differences between ASP.NET state-management options.
- ASP.NET State Management
Provides an overview of the methods available to store application state in ASP.NET applications.