Transcript on ASP.NET

Session 10:
Managing State
Overview



State Management

Types of State Management

Server-Side State Management

Client-Side State Management

The Global.asax File
Application and Session Variables

Initializing and Using Application and Session Variables

Application and Session Variable Duration
Cookies and Cookieless Sessions
What is State Management?
Without State
Management
With State
Management
Login.aspx
Login.aspx
Please enter your
logon information:
First Name
Please enter your logon
information:
First Name
John
Last Name
John
Last Name
Chen
Chen
Submit
Greetings.aspx
Hello
I forget who you
are!!
Web Server
Submit
Greetings.aspx
Hello John Chen
Web Server
Types of State Management
Server-Side State
Management
Application state

Information is available to all
users of a Web application
Session state

Information is available only to a
user of a specific session
Database

In some cases, use database
support to maintain state on your
Web site
Client-Side State
Management
Cookies

Text file stores information to
maintain state
The ViewState property

Retains values between multiple
requests for the same page
Query strings

Information appended to the end of
a URL
Server-Side State Management

Application state is a global storage mechanism
accessible from all pages in the Web application

Session state is limited to the current browser session



Values are preserved through the use of application
and session variables
Scalability
ASP.NET session is identified by the SessionID string
Web Server
Client Computer
Application and Session variables
SessionID
Client-Side State Management


Uses cookies to maintain state

Persistent cookies

Temporary/ Non-persistent cookies
Less reliable than server-side state management options

User can delete cookies

Less secure than server-side state management options

Limited amount of information

Client-side restrictions on file sizes
Client Computer
Cookies
Web Server
The Global.asax File

Only one Global.asax file per Web application

Stored in the virtual root of the Web application

Used to handle application and session events

The Global.asax file is optional
The Global.asax File (continued)
Client
Request
Response
ASP.NET Web Server
IIS
ASP.NET HTTP Runtime
Application_BeginRequest
Application_AuthenticateRequest
Application_AuthorizeRequest
Application_EndRequest
Application_ResolveRequestCache
Application_UpdateRequestCache
Application_AquireRequestState
Application_ReleaseRequestState
Application_PreRequestHandlerExecute
Application_PostRequestHandlerExecute
Page execution
Initializing Application and Session Variables

Variables are initialized in Global.asax

The Application object shares information among all
users of a Web application
Sub Application_Start(s As Object,e As EventArgs)
Application("NumberofVisitors") = 0
End Sub

The Session object stores information for a particular
user session
Using Application and Session Variables

Set session and application variables
Session("BackColor") = "blue"
Application.Lock()
Application("NumberOfVisitors") += 1
Application.UnLock()

Read session and application variables
strBgColor = Session("BackColor")
lblNbVisitor.Text = Application("NumberOfVisitors")
Application and Session Variable Duration

Session variables have a set duration after last access


Default is 20 minutes
Session duration can be changed in Web.config:
<configuration>
<system.web>
<sessionState timeout="10" />
</system.web>
</configuration>

Application variables persist until the Application_End
event is fired
Creating and Reading Session Cookies

You can create and read session cookies by using the Cookies
Property of the Response Object and Request Class.

Creating a Cookie
Dim objCookie As New HttpCookie(“myCookie”, “Hello!”)
Response.Cookies.Add(objCookie)

Reading a Cookie
Response.Write(Request.Cookies(“myCookie”).Value)
Creating and Reading Persistent Cookies

A persistent cookie is similar to a session cookie except that a
persistent cookie has a defined expiration date

The code below can be used to create a persistent cookie
Dim objCookie As New HttpCookie(“myCookie”, “Hello”)
objCookie.Expires = #12/25/2007#
Response.Cookies.Add(objCookie)

To create a persistent
cookie, specify the
expiration time
Persistent cookies can be read in the same way as you would a
session cookie
Response.Write(Request.Cookies(“myCookie”).Value)
Retrieving Information from a Cookie

Read the cookie
Dim objCookie As HttpCookie = Request.Cookies("myCookie")

Retrieve values from the cookie
lblTime.Text = objCookie.Values("Time")
lblTime.ForeColor = System.Drawing.Color.FromName _
(objCookie.Values("ForeColor"))
lblTime.BackColor = System.Drawing.Color.FromName _
(objCookie.Values("BackColor"))
Using Cookieless Sessions

Each active session is identified and tracked using
session IDs

Session IDs are communicated across client-server
requests using an HTTP cookie or included in the URL

Cookieless sessions

Session ID information is encoded into URLs
http://server/(h44a1e55c0breu552yrecobl)/page.aspx


Cannot use absolute URLs
Most browsers limit the URL size to 255 characters,
which limits use of cookieless Session IDs
Setting Up Cookieless Sessions

Session state is configured in the <SessionState>
section of Web.config

Set cookieless = true
<sessionState cookieless="true" />