State Management in ASP.Net
Web Pages
developed in ASP.Net are HTTP based and HTTP protocol is a stateless protocol.
It means that web server does not have any idea about the requests from where
they coming i.e from same client or new clients. On each request web pages are
created and destroyed.
So, how do we make web pages in ASP.Net which will remember about the user, would be able to distinguish b/w old clients(requests) and new clients(requests) and users previous filled information while navigating to other web pages in web site?
Solution
of the above problem lies in State Management.
ASP.Net
technology offers following state management techniques.
Client
side State Management
o Cookies
o Hidden Fields
o View State
o Query String
Server
side State Management
o Session State
o Application State
These
state management techniques can be understood and by following simple examples
and illustrations of the each techniques.
Client Side
State
Cookies
A cookie
is a small amount of data which is either stored at client side in text file or
in memory of the client browser session. Cookies are always sent with the
request to the web server and information can be retrieved from the cookies at
the web server. In ASP.Net, HttpRequest object contains cookies collection
which is nothing but list of HttpCookie objects. Cookies are generally used for
tracking the user/request in ASP.Net for example, ASP.Net internally uses
cookie to store session identifier to know whether request is coming from same
client or not. We can also store some information like user identifier
(UserName/Nick Name etc) in the cookies and retrieve them when any request is
made to the web server as described in following example. It should be noted
that cookies are generally used for storing only small amount of data(i.e 1-10
KB).
Code
Sample
//Storing value in cookie
HttpCookie cookie = new HttpCookie("NickName");
cookie.Value = "David";
Request.Cookies.Add(cookie);
//Retrieving value in cookie
if (Request.Cookies.Count > 0 && Request.Cookies["NickName"] != null)
lblNickName.Text = "Welcome" + Request.Cookies["NickName"].ToString();
else
lblNickName.Text = "Welcome Guest";
Cookies
can be permanent in nature or temporary. ASP.Net internally stores temporary
cookie at the client side for storing session identifier. By default cookies
are temporary and permanent cookie can be placed by setting "Expires"
property of the cookie object.
Hidden Fields
A Hidden control is the control which does not render anything on the web page at client browser but can be used to store some information on the web page which can be used on the page.
HTML
input control offers hidden type of control by specifying type as
"hidden". Hidden control behaves like a normal control except that it
is not rendered on the page. Its properties can be specified in a similar
manner as you specify properties for other controls. This control will be
posted to server in HttpControl collection whenever web form/page is posted to
server. Any page specific information can be stored in the hidden field by
specifying value property of the control.
ASP.Net
provides HtmlInputControl that offers hidden field functionality.
Code
Sample
//Declaring a hidden variable
protected HtmlInputHidden hidNickName;
//Populating hidden variable
hidNickName.Value = "Page No 1";
//Retrieving value stored in hidden field.
string str = hidNickName.Value;
protected HtmlInputHidden hidNickName;
//Populating hidden variable
hidNickName.Value = "Page No 1";
//Retrieving value stored in hidden field.
string str = hidNickName.Value;
Note:Critical information should not be
stored in hidden fields.
View State/Control State
ASP.Net
technology provides View State/Control State feature to the web forms. View State
You do
not need to worry about this as this is automatically handled by ASP.Net. You
can enable and disable view state behaviour of page and its control by
specifying 'enableViewState' property to true and false. You can also store
custom information in the view state as described in following code sample.
This information can be used in round trips to the web server.
Code
Sample
//To Save Information in View State
ViewState.Add ("NickName", "David");
//Retrieving View state
String strNickName = ViewState ["NickName"];
ViewState.Add ("NickName", "David");
//Retrieving View state
String strNickName = ViewState ["NickName"];
Query String
Query
string is the limited way to pass information to the web server while
navigating from one page to another page. This information is passed in url of
the request. Following is an example of retrieving information from the
query strings.
Code
Sample
//Retrieving values from query string
String nickname;
//Retrieving from query string
nickName = Request.Param["NickName"].ToString();
But remember that many browsers impose a limit of 255 characters in query strings. You need to use HTTP-Get method to post a page to server otherwise query string values will not be available.
String nickname;
//Retrieving from query string
nickName = Request.Param["NickName"].ToString();
But remember that many browsers impose a limit of 255 characters in query strings. You need to use HTTP-Get method to post a page to server otherwise query string values will not be available.
Server Side
State
Session State
Session
state is used to store and retrieve information about the user as user
navigates from one page to another page in ASP.Net web application. Session
state is maintained per user basis in ASPNet runtime. It can be of two types
in-memory and out of memory. In most of the cases small web applications
in-memory session state is used. Out of process session state management
technique is used for the high traffic web applications or large applications.
It can be configured with some configuration settings in web.conig file
to store state information in ASPNetState.exe (windows service exposed in .Net
or on SQL server.
In-memory
Session state can be used in following manner
Code
Sample
//Storing informaton in session state
Session["NickName"] = "Ambuj";
//Retrieving information from session state
string str = Session["NickName"];
Session["NickName"] = "Ambuj";
//Retrieving information from session state
string str = Session["NickName"];
Session
state is being maintained automatically by ASP.Net. A new session is started
when a new user sents first request to the server. At that time session
state is created and user can use it to store information and retrieve it while
navigating to different web pages in ASP.Net web application.
ASP.Net
maintains session information using the session identifier which is being
transacted b/w user machine and web server on each and every request either
using cookies or querystring (if cookieless session is used in web
application).
Application State
In
ASP.Net, application state is an instance of HttpApplicationState class and it
exposes key-value pairs to store information. Its instance is automatically
created when a first request is made to web application by any user and same
state object is being shared across all subsequent users.
Application
state can be used in similar manner as session state but it should be noted
that many user might be accessing application state simultaneously so any call
to application state object needs to be thread safe. This can be easily
achieved in ASP.Net by using lock keyword on the statements which are accessing
application state object. This lock keyword places a mutually exclusive lock on
the statements and only allows a single thread to access the application state
at a time. Following is an example of using application state in an
application.
Code
Sample
//Stroing information in application state
lock (this)
{
Application["NickName"] = "David";
}
//Retrieving value from application state
lock (this)
{
string str = Application["NickName"].ToString();
}
lock (this)
{
Application["NickName"] = "David";
}
//Retrieving value from application state
lock (this)
{
string str = Application["NickName"].ToString();
}
