State Management in ASP.NET

HTTP is a stateless protocol. This means that a Web server treats each HTTP request for a page as an independent request. The server retains no knowledge of variable values that were used during previous requests. 

ASP.NET State Management enables to store and retrieve values for a user as the user navigates ASP.NET pages in a Web application. So if we need to track/use user’s information during page visits then we need to use the state management techniques provided by ASP.NET. ASP.NET offers you a variety of ways to maintain state information over multiple request for the same or different pages.

There are mainly two types of state management in ASP.NET:
1.     Client side state management 
2.     Server side state management

During application development both of this technique are used depending on requirement, type and size of information.

Ø  Advantages of Client Side State Management
·         Better scalability
·         Support for multiple browser

Ø  Advantages of Server Side State Management
·         Better security
·         Reduced bandwidth

1. Client side state management : - As name suggest, state related information is stored at client side.  Information stored either in the page or on the client computer. For these options, no information is maintained on the server between round trips. Sensitive information should not be saved at client side as is information can be intercepted.
Ø  View State
o    View State is enabled by default, but can be disable it by setting the EnableViewState property for web control to false. This will reduce the server processing time and decreases page size.
o    Viewstate is a dictionary object. So data stored as key value pair in viewstate

Ø  Control State
o    Used in case of custom controls
o    To store information in such cases we have to override the OnInit method and call RegisterRequiresControlState method during initialization. Then need to override theSaveControlState and LoadControlState methods.

Ø  Hidden fields
o    Hidden fields can also be used to store information, but it will only keep the information when HTTP post is being done no get.
o    View State stores information in Hidden fields.
o    Hidden fields renders as a standard HTML hidden field. 

Ø  Cookies
o    A cookie is a small amount of data that is stored either in a text file on the client file system or in-memory in the client browser session.
o    Can be used when we need to store information between multiple pages.
o    This information can be accessed by the server and can be utilized to store information page visits.
o    e.g.  string strnumber = Request.Cookies["number"].Value;
o    Cookies can be expired as required,
e.g. Response.Cookies["number"].Expires = DateTime.Now.AddDays(1);

Ø  Query Strings
o    Query string can be used to store information on page or to pass it from one page to another page.
o    Can be retired in code behind as,
string strnumber = Request.QueryString["number "].ToString();


2. Server side state management :- keeps all the information at server side. Results secure confidential and sensitive information but more memory usage on server.
It has two types:-
1. Application State
2. Session State

1. Application State
o    ASP.NET allows to save values using application state — which is an instance of the HttpApplicationState class — for each active Web application. 
o    Application state is useful for storing information that needs to be maintained between server round trips and between requests for pages.
o    Application state is stored in a key/value dictionary that is created during each request to a specific URL. You can add your application-specific information to this structure to store it between page requests.
o    This instance is created the first time a user accesses any URL resource in an application.
o   Application state can be assessable on all pages for all users.
o    ASP.NET provides three events that enable you to set Application variables and respond to Application errors:
o    Application_Start: Raised when the application starts.
o    Application_End: Raised when an application shuts down.
o    Application_Error: Raised when an unhandled error occurs.
o    e.g. string strnumber = Application["number "].ToString();

2. Session State
o    ASP.NET allows you to save values by using session state — which is an instance of the HttpSessionState class — for each active Web-application session.
o    Session state is similar to application state, except that it is scoped to the current browser session.
o    If different users are using your application, each user session will have a different session state. In addition, if a user leaves your application and then returns later, the second user session will have a different session state from the first.
o    e.g. string strnumber = Session["number "].ToString();

            ASP.NET session state supports several storage options for session variables. Short description as follows:-

Ø  InProc mode, which stores session state in memory on the Web server. This is the default.
Ø  StateServer mode, which stores session state in a separate process called the ASP.NET state service. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm.
Ø  SQLServer mode stores session state in a SQL Server database. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm.
Ø  Custom mode, which enables you to specify a custom storage provider.
Ø  Off mode, which disables session state.



o    ASP.NET provides a feature called profile properties, which allows you to store user-specific data.
o    This feature is similar to session state, except that the profile data is not lost when a user's session expires.
o    The profile-properties feature uses an ASP.NET profile, which is stored in a persistent format and associated with an individual user.
o    The ASP.NET profile allows you to easily manage user information without requiring you to create and maintain your own database.

Comments