Configuring Session State in Asp.Net, InProc, StateServer, SQLServer Session Modes in Asp.Net
5. February 2012 05:41
There are different ways to store session in Asp.Net. You can choose any option based on your application requirements.
Asp.Net 3.5 provides five different modes to store session state. Those are Off,
InProc, StateServer, SQLServer, Custom. By default Asp.Net takes InProc
as default mod to store session state. Here we discuss about each mode
in-detail.
Session State Mode Off:
You can apply this option whenever you
application not using session to store any data. That means by applying
session mode to Off, you are disabling session for your application. You
can set session mode to Off in your application by adding sessionState
element in your web.config file and making mode attribute to Off as
shown below.
<system.web>
<sessionStatemode="Off"/>
………………………….
</system.web>
Session State mode InProc:
This is default session state mode in
Asp.Net. In this mode session state stored in memory in the same process
as Asp.Net process runs. The advantage of session state mode InProc is
by using this mode your application becomes very fast because it picks
the session state information very quickly (because it is in the same
process).
You can set session state as InProc in web.config file as shown below.
<system.web>
<sessionStatemode="InProc"timeout="120" />
………………………….
</system.web>
Here timeout is number of minutes session has
to store the information (after timeout you lost all information stored
in session).
But there are some disadvantages by using
session mode as InProc. First one is, by storing the session state in
InProc (that means in same process as Asp.Net Process runs) if your
application restarts, then all session information lost. Second
disadvantage is, whenever you use session state mode as InProc, that
means if you store session state within the web server you cannot run
your application on a web farm (that means you cannot run your
application on multiple server).
You can avoid all these disadvantages by changing the session state mode to other options.
Session State mode StateServer:
If you change the session state mode to
StateServer, session stores in window NT process instead of Asp.Net
Process. That means your isolating the session state from your
application. Even though your application restarts, you will not lose
any session information. You can store the session information in window
NT process of same server or different server by changing session mode
to StateServer. By storing the session information in window NT process
of different server, you can make application to run on web farm.
For example if you want to run your
application on web farm which has five servers, in those servers you can
use one server to store the session state and remaining will use that
server for session information by applying proper settings.
You have to make two things to run your application on session state mode StateServer.
First one, you have to start the ASP.NET State Service. You can do it by entering Services.msc in your run window and press enter, then services window prompt. Now start the ASP.NET State Service and change the Startup Type to Automatic so that the service starts automatically every time that you reboot your machine as shown below.
Second one, you have to configure your
application to work on session state mode StateServer. For that make
changes to web.config file as shown below.
<system.web>
<sessionStatemode="StateServer" stateConnectionString="tcpip=localhost:81" stateNetworkTimeout="10" />
<machineKeydecryption="AES"validation="SHA1" decryptionKey="A2CF54CF844940C08D44BB251D4045E72B8042AD7B8B6543267D56DFFF9141CF" validationKey="EDD897FE43DB7AF34BD189351F8ACE8A478486A1C0E3C3944FBFF466294BCE26EE4
62596DA599AD48F1A0C99C9A92CEB414281FEFAAD233222A9547ED095F805"
/>
………………………….
</system.web>
As shown above, you have to mention
connection string for stateConnectionString attribute if you want to
store session state in other web server window NT process. And we
included the machineKey element in web.config
file. If you want to run your application (on web farm), and you need to
use the same State Server to store Session state
all other servers in web farm. For that you need to specify explicit
encryption and validation keys. You need not to include a machineKey element
when the State Server is hosted on the same machine as your ASP.NET
application. I will explain in next article about machinekey, about
decryption, validation attributes and how to generate decryption and
validation keys.
If your application is running under session
state mode InProc and you want to shift it State Server mode, no need to
change anything in your code. Just apply the settings as mentioned
above.
Session State mode SQLServer:
You can store session state information in
your SQL Server data base by applying session state mode to SQLServer.
It will give same advantages as StateServer mode gives.
To store session state in SQL Server, you
have to complete following steps. First one, configure your data base
server to support SQL Server session state and second one, configure your application to use SQL Server Session state.
To add necessary tables in your data base to store session state, you can use aspnet_regsql tool which is generally located at C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe.
Execute the following command on your server by mentioning the your data base server name.
aspnet_regsql -C “Data Source=localhost;Integrated Security=True” –ssadd
Here I mentioned my data base server name as localhost. By executing above command, a new data base ASPState
is created with necessary tables and stored procedures in given data
base server.By default session state stored in tempDB database, to
change the session storage data base to ASPState execute following
command.
aspnet_regsql -C “Data Source=localhost;Integrated Security=True” -ssadd -sstype p
Notice that this command includes a -sstype p switch. The p stands for persistent. Session state that is stored in the ASPState database is called persistent Session state because it survives database server restarts.
If you want to store Session state in a custom database, execute following command to store Session state in a database named MyDataBase.
aspnet_regsql -C “Data Source=localhost;Integrated Security=True”-ssadd -sstype c -d MyDataBase
By executing this command creates a new database named MyDataBase that contains both the tables and stored procedures for storing Session state. Notice that the -sstype switch has the value c for custom. The command also includes a -d switch that enables you to specify the name of the new database.
If you want to remove the Session state tables and stored procedures from a server, then you can execute the following command:
aspnet_regsql -C “Data Source=localhost;Integrated Security=True” –ssremove
Executing this command removes the ASPState database. It does not remove a custom Session state database. You must remove a custom database manually.
After configuring your data base to store session state, now configure your application to store session state by making changes to web.config file as shown below.
<system.web>
<sessionStatemode="SQLServer"sqlConnectionString="Data Source=localhost;Integrated Security=True"sqlCommandTimeout="30" />
<machineKeydecryption="AES"validation="SHA1"
decryptionKey="A2CF54CF844940C08D44BB251D4045E72B8042AD7B8B6543267D56DFFF9141CF" validationKey="EDD897FE43DB7AF34BD189351F8ACE8A478486A1C0E3C3944FBFF466294BCE26EE4
62596DA599AD48F1A0C99C9A92CEB414281FEFAAD233222A9547ED095F805"
/>
………………………….
</system.web>
Pass your ASPState
data base connection string where you are storing the session state
information for sqlConnectionString attribute and timeout period for
sqlCommandTimeout.
If you want to store session state in custom
data base change sqlConnectionString and apply allowCustomSqlDatabase
attribute as true as shown below.
<system.web>
<sessionStatemode="SQLServer"sqlConnectionString="Data Source=YourServer;Integrated Security=True;database=MyDataBase"sqlCommandTimeout="30"allowCustomSqlDatabase="true"/>
<machineKeydecryption="AES"validation="SHA1"
decryptionKey="A2CF54CF844940C08D44BB251D4045E72B8042AD7B8B6543267D56DFFF9141CF" validationKey="EDD897FE43DB7AF34BD189351F8ACE8A478486A1C0E3C3944FBFF466294BCE26EE4
62596DA599AD48F1A0C99C9A92CEB414281FEFAAD233222A9547ED095F805"
/>
………………………….
</system.web>
No comments:
Post a Comment