Wednesday 10 August 2011

Session Modes and Session Provider

Session ID
Asp.Net use 120 bit identifier to track each session. This is secure enough and can't be reverse engineered. When client communicate with server, only  session id is transmitted, between them. When client request for data, ASP.NET looks on to session ID and retrieves corresponding data. This is done in following steps, 
Client hits web site and some information is stored in session.

 
  • Server creates a unique session ID for that clients and stored in Session State Provider
  • Again client request For some information with that unique session ID from Server.
  • Server,looks on Session Providers, and retrieve the serialized data from state server  and type cast the object . 
Session Mode and State Provider

In ASP.NET there are following session mode available, 
  • InProc
  • StateServer
  • SQLServer
  • Custom

    we can choose the session State Provider based on which session state we are selecting. When ASP.NET request for any information based on session ID, session state and its corresponding provider are responsible for sending the proper information based on user. Following tables show, the session mode along with there provider Name. 

    Session State Modes          State Provider

    InProc                       In-Memory Object

    StateServer                  Aspnet_state.exe

    SQLServer                    DataBase

    Custom                       CustomProvider



    Session States  

    If we consider about session state, It means all the settings that you have made for your web application for maintaining the session. Session State, it self is a big thing, It says all about your session configuration, Either in web.config or from code behind. In web.config, <SessionState> elements used for setting the configuration of session. Some of them are Mode, Timeout, StateConnectionStringCustom provider etc. I have discussed about each and ever section of connection string. Before I discussed Session Mode, just take a brief overview of Session Event  

    Session Event  

    There are two types of session events available in asp.net 
    • Session_Start 
    • Session_End 
    you  can handle both this event in  global.asax file of  your web application. When a new session initiate session_start event raised and Session_End event raised when a session is abandoned or expired.
    Collapse
    Collapse
      void Session_Start(object sender, EventArgs e) 
    {
        // Code that runs when a new session is started

    }

    void Session_End(object sender, EventArgs e) 
    {
        // Code that runs when a session ends. 
 
    }

    Session Mode  

    I have already discussed about the session mode in ASP.NET, Following are the different types of session modes available in ASP.Net.
    • Off 
    • InProc 
    • StateServer 
    • SQLServer 
    • Custom 
    If we set Session Mode="off" in web.config, Session will be disabled to all over the application. For this we need to configure web.config in following way


     InProc Session Mode :  

    This is the default session mode in Asp.Net. Its stores session Information in Current Application Domain. This is the best session mode which is based on web application Performance. But main disadvantage is that, It will lose the data if we restart the server. There are some more advantages and disadvantages of InProc session mode. I will come to those points again .


    Overview of InProc Session Mode :  

    As I have already discussed  InProc mode session data will be stored on the current application domain. So It is easily and quickly available.

     So, InProc session mode store its session data in a memory object on that application domain. This is handled by worker process in application pool. So If we restart the server we will lose the session data. If Client request for the data , state provide read the data from In-Memory Object and return it to the client. In web.config we have to mention Session mode  and also we have to set the Timeout.  


    <system.web>
    <!-- Inproc session in Application-->
    <SessionState mode="Inproc" timeout="20" />
    </system.web>

    This Session TimeOut Setting keeps session alive for 30 minute. This can be configurable from Code behind too.

    There are two type of session events available in asp.net Session_Start() and Session_End. It is the only mode that supports the Session_End() event. These events will call after the session timeout period is over. The general flow for the InProc Session State is some thing like this. 

                    Session Start()
                      
                    User use this application
                    
                    Session End()                 

    Now, when the Session_End() will call that depends on Session Time Out. This is a very fast mechanism because no serialization occurs for storing and retrieving data, and data are staying inside the same application domain.

    When should we use InProc Session mode?
    InProc is the default session mode. It can be very helpful for a small web sites and where the number of user are very less, We should avoid InProc in case of Web Garden (I will come to this topic in details) Scenario .

    Advantages and Disadvantages


    Advantages :

  • It store Session data in memory object of current application domain. So  accessing data is very fast and data is easily available.
  • There is not requirements of serialization to store data in InProc Session Mode.
  • Implementation is very easy, just similar to using View State.

Disadvantages :  


Although InProc Session is fastest, common and default mechanism, It has lots of limitation.
  • If the worker Process or application domain recycles all session data will be lost.
  • Though its fastest, but more session data and more users can affects performance, because of memory.
  • we can't use it in web Garden scenarios .
  • This session mode is not suitable for web farm scenarios also.

So as per above discussion, we can conclude InProc is very fast session storing mechanism but suitable for small web application. InProc Session Data will get lost if we Restart the server, application domain recycles It is also not suitable for Web Farm and Web Garden Scenarios.
Now have a look that what are the other option  available to overcome these problem. First Come to StateServer Mode. 

State Server Session Mode:

Overview of StateServer Session Mode :

 In StateServer  the Session data is stored in a separate Server which is Independent to IIS and Its handled by aspnet_state.exe. This process is run as windows Services. you can start this service from windows MMC or from command prompt


By default  "Startup Type" of ASP.NET state service is set to manual, we have to set it as  "Automatic"  startup type.


from command from just typing "net start aspnet_state". By default this services listen TCP Port 42424 , but we can change the port from registryeditor as given in below picture .



Now have a look on the web.config configuration for StateServer Setting. For State Server Setting we need have to specify the stateConnectionString. This will identify the system that is running state server. By default stateConnectionString used ip as 127.0.0.1 (localhost) and Port 42424.


<system.web>
<!--State Server Session Configuration-->
<sessionState mode="stateServer"
 stateconnectionstring="tcpip=127.0.0.1:42424"/>
</system.web>

When we are using StateServer, we can configure stateNetworkTimeOut attributes to specify the maximum number of seconds to wait for the service to respond before canceling the request. Default time is 10 seconds.

<system.web>
<!--State Server Session Configuration-->
<sessionState mode="stateServer"
 stateconnectionstring="tcpip=127.0.0.1:42424"
 stateNetworkTImeout="40""/>
</system.web>


Posted by at 22:56

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)