Module 14: Managing State

Overview

State Management Application and Session Variables Cookies and Cookieless Sessions

Lesson: State Management

What is State Management? Types of State Management Server-Side State Management Client-Side State Management

The Global.asax File

What is State Management?

Without State Management
Login.aspx
Please enter your logon information: First Name John Last Name Chen

With State Management

Login.aspx
Please enter your logon information: First Name John Last Name Chen

Submit Greetings.aspx Hello

I forget who you are!!

Web Server

Submit Greetings.aspx Hello John Chen

Web Server

Types of State Management

Server-Side State Management
Application state

Client-Side State Management

Cookies

Information is available to all users of a Web application

Text file stores information to maintain state

Session state

The ViewState property

Information is available only to a user of a specific session

Retains values between multiple requests for the same page

Database

Query strings

In some cases, use database support to maintain state on your Web site

Information appended to the end of a URL

Server-Side State Management

Application state is a global storage mechanism accessible from all pages in the Web application Session state is limited to the current browser session

Values are preserved through the use of application and session variables Scalability

ASP.NET session is identified by the SessionID string

Web Server

Client Computer

Application and Session variables

SessionID

Client-Side State Management

Uses cookies to maintain state

Persistent cookies Temporary/ Non-persistent cookies User can delete cookies

Less reliable than server-side state management options

Less secure than server-side state management options Limited amount of information

Client-side restrictions on file sizes

Web Server

Client Computer

Cookies

The Global.asax File

Only one Global.asax file per Web application Stored in the virtual root of the Web application Used to handle application and session events The Global.asax file is optional

The Global.asax File (continued)

Client
Request Response

ASP.NET Web Server IIS ASP.NET HTTP Runtime Application_BeginRequest Application_AuthenticateRequest Application_AuthorizeRequest Application_ResolveRequestCache Application_EndRequest Application_UpdateRequestCache

Application_AquireRequestState
Application_PreRequestHandlerExecute

Application_ReleaseRequestState
Application_PostRequestHandlerExecute

Page execution

Lesson: Application and Session Variables

Initializing Application and Session Variables Using Application and Session Variables Demonstration: Using Session Variables Application and Session Variable Duration

Scalable Storage of Application and Session Variables

Saving Application and Session Variables in a Database

Initializing Application and Session Variables

Variables are initialized in Global.asax

The Application object shares information among all users of a Web application

Sub Application_Start(s As Object,e As EventArgs) Application("NumberofVisitors") = 0 End Sub protected void Application_Start(Object sender,EventArgs e) { Application["NumberofVisitors"] = 0; }

The Session object stores information for a particular user session

Using Application and Session Variables

Set session and application variables

Session("BackColor") = "blue" Application.Lock() Application("NumberOfVisitors") += 1 Application.UnLock() Session["BackColor"] = "blue"; Application.Lock(); Application["NumberOfVisitors"] = (int)Application["NumberOfVisitors"] Application.UnLock();

+ 1;

Read session and application variables

strBgColor = Session("BackColor") lblNbVisitor.Text = Application("NumberOfVisitors")

strBgColor = (string)Session["BackColor"]; lblNbVisitor.Text = Application["NumberOfVisitors"].ToString();

Demonstration: Using Session Variables

Initialize a session variable (a number) in global.asax Access the session variable from one page Access the session variable from another page and modify it Re-access the session variable from the first page

Application and Session Variable Duration

Session variables have a set duration after last access

Default is 20 minutes

Session duration can be changed in Web.config:

<configuration> <system.web> <sessionState timeout="10" /> </system.web> </configuration>

Application variables persist until the Application_End event is fired

Scalable Storage of Application and Session Variables

By default, the session state is managed in process Disadvantage of in process storage:

Not Scalable State can be stored in a SQL Server database or a state server
State server

ASP.NET provides out of process storage of session state

Advantages of out of process storage:

Scalable

Web farm Session and Application variables

-OrSQL Client Session and Application variables

Saving Application and Session Variables in a Database

1

Configure the session state in Web.config

Mode is set to sqlserver or stateserver

<sessionState mode="SQLServer" sqlConnectionString="data source=SQLServerName; Integrated security=true" />

Then, configure the SQL server

c:\> OSQL S SQLServerName E <InstallSqlState.sql

OSQL creates several stored procedures and temporary databases for storing the variables

Lesson: Cookies and Cookieless Sessions

Using Cookies to Store Session Data Instructor-Led Practice: Using Variables and Cookies Retrieving Information from a Cookie Using Cookieless Sessions

Setting Up Cookieless Sessions

Using Cookies to Store Session Data

Creating a cookie:
HttpCookie objCookie = new HttpCookie("myCookie"); HttpCookie DateTime now objCookie = DateTime.Now; = new HttpCookie("myCookie"); DateTime now = DateTime.Now; objCookie.Values.Add("Time", now.ToString()); objCookie.Values.Add("Time", now.ToString()); objCookie.Values.Add("ForeColor", "White"); objCookie.Values.Add("ForeColor", "Blue"); objCookie.Values.Add("BackColor", "White"); objCookie.Values.Add("BackColor", "Blue"); objCookie.Expires = now.AddHours(1); Response.Cookies.Add(objCookie); To create a persistent Response.Cookies.Add(objCookie);
cookie, specify the expiration time

Cookie contains information about the domain name

Set-Cookie: Username=John+Chen; path=/; domain=microsoft.com; Expires=Tuesday, 01-Feb-05 00.00.01 GMT

Instructor-Led Practice: Using Variables and Cookies

Students will:

See how the application and session variables, and persistent cookies, are used to store user information

Time: 15 Minutes

Retrieving Information from a Cookie

Read the cookie

Dim objCookie As HttpCookie = Request.Cookies("myCookie") HttpCookie objCookie = Request.Cookies["myCookie"];

Retrieve values from the cookie

lblTime.Text = objCookie.Values("Time") lblTime.ForeColor = System.Drawing.Color.FromName _ (objCookie.Values("ForeColor")) lblTime.BackColor = System.Drawing.Color.FromName _ (objCookie.Values("BackColor")) lblTime.Text = objCookie.Values["Time"]; lblTime.ForeColor = System.Drawing.Color.FromName (objCookie.Values["ForeColor"]); lblTime.BackColor = System.Drawing.Color.FromName (objCookie.Values["BackColor"]);

Using Cookieless Sessions

Each active session is identified and tracked using session IDs

Session IDs are communicated across client-server requests using an HTTP cookie or included in the URL
Cookieless sessions

Session ID information is encoded into URLs

Cannot use absolute URLs Most browsers limit the URL size to 255 characters, which limits use of cookieless Session IDs

http://server/(h44a1e55c0breu552yrecobl)/page.aspx

Setting Up Cookieless Sessions

Session state is configured in the <SessionState> section of Web.config Set cookieless = true

<sessionState cookieless="true" />

Review

State Management Application and Session Variables Cookies and Cookieless Sessions

Lab 15: Storing Application and Session Data

Logon Page
Login.aspx Coho Winery

Benefits Home Page

Default.aspx

Page Header
Menu Component
Class1.vb or Class1.cs Header.ascx

ASPState

Registration
Register.aspx

Web. config

tempdb

Life Insurance
Life.aspx

Retirement
Retirement.aspx

Medical
Medical.aspx

Dental
Dental.aspx

Prospectus
Lab Web Application
Prospectus.aspx

Doctors
Doctors.aspx

User Control
namedate.ascx

XML Web Service

dentalService1.asmx

XML Files

Doctors

Dentists