Embed Size (px)
DESCRIPTION
Session 10 : Managing State. Overview. State Management Types of State Management Server-Side State Management Client-Side State Management The Global.asax File Application and Session Variables Initializing and Using Application and Session Variables - PowerPoint PPT Presentation
Citation preview
Session 10:Managing State
Overview
State Management
Types of State Management Server-Side State Management Client-Side State Management The Global.asax File
Application and Session Variables
Initializing and Using Application and Session Variables Application and Session Variable Duration
Cookies and Cookieless Sessions
What is State Management?
First Name
Last Name
Please enter your logon information:
John
SubmitSubmit
Chen
Web ServerWeb Server
Login.aspx Login.aspx
Web ServerWeb Server
Hello John Chen
Greetings.aspx
Please enter your logon information:
John
SubmitSubmit
Chen
Hello
Greetings.aspx
I forget who you are!!
I forget who you are!!
First Name
Last Name
Without State Management
With State Management
Types of State Management
Server-Side State Server-Side State ManagementManagement
Client-Side StateClient-Side State ManagementManagement
Application state
Information is available to all users of a Web application
Cookies
Text file stores information to maintain state
Session state
Information is available only to a user of a specific session
The ViewState property
Retains values between multiple requests for the same page
Database
In some cases, use database support to maintain state on your Web site
Query strings
Information appended to the end of a URL
Server-Side State Management
Application state is a global storage mechanism accessible from all pages in the Web application
Session state is limited to the current browser session
Values are preserved through the use of application and session variables
Scalability
ASP.NET session is identified by the SessionID string
Web ServerWeb Server
Client ComputerClient Computer
Application and Session variables
SessionID
Client-Side State Management
Uses cookies to maintain state
Persistent cookies
Temporary/ Non-persistent cookies
Less reliable than server-side state management options
User can delete cookies
Less secure than server-side state management options
Limited amount of information
Client-side restrictions on file sizesWeb ServerWeb Server
Client ComputerClient Computer
Cookies
The Global.asax File
Only one Global.asax file per Web application
Stored in the virtual root of the Web application
Used to handle application and session events
The Global.asax file is optional
The Global.asax File (continued)
ASP.NET Web Server
Client
ASP.NET HTTP RuntimeASP.NET HTTP Runtime
IISIIS
Application_BeginRequestApplication_BeginRequest
Application_AuthenticateRequestApplication_AuthenticateRequest
Application_AuthorizeRequestApplication_AuthorizeRequest
Application_ResolveRequestCacheApplication_ResolveRequestCache
Application_AquireRequestStateApplication_AquireRequestState
Application_PreRequestHandlerExecuteApplication_PreRequestHandlerExecute
Application_EndRequestApplication_EndRequest
Application_UpdateRequestCacheApplication_UpdateRequestCache
Application_ReleaseRequestStateApplication_ReleaseRequestState
Application_PostRequestHandlerExecuteApplication_PostRequestHandlerExecute
Page executionPage execution
RequestRequest ResponseResponse
Initializing Application and Session Variables
Variables are initialized in Global.asax
The Application object shares information among all users of a Web application
The Session object stores information for a particular user session
Sub Application_Start(s As Object,e As EventArgs) Application("NumberofVisitors") = 0End Sub
Sub Application_Start(s As Object,e As EventArgs) Application("NumberofVisitors") = 0End Sub
Using Application and Session Variables
Set session and application variables
Read session and application variables
Session("BackColor") = "blue"Application.Lock()Application("NumberOfVisitors") += 1Application.UnLock()
Session("BackColor") = "blue"Application.Lock()Application("NumberOfVisitors") += 1Application.UnLock()
strBgColor = Session("BackColor")lblNbVisitor.Text = Application("NumberOfVisitors")strBgColor = Session("BackColor")lblNbVisitor.Text = Application("NumberOfVisitors")
Application and Session Variable Duration
Session variables have a set duration after last access
Default is 20 minutes
Session duration can be changed in Web.config:
Application variables persist until the Application_End event is fired
<configuration> <system.web>
<sessionState timeout="10" /></system.web>
</configuration>
<configuration> <system.web>
<sessionState timeout="10" /></system.web>
</configuration>
Creating and Reading Session Cookies
You can create and read session cookies by using the Cookies Property of the Response Object and Request Class.
Creating a Cookie
Reading a Cookie
Dim objCookie As New HttpCookie(“myCookie”, “Hello!”)
Response.Cookies.Add(objCookie)
Dim objCookie As New HttpCookie(“myCookie”, “Hello!”)
Response.Cookies.Add(objCookie)
Response.Write(Request.Cookies(“myCookie”).Value)Response.Write(Request.Cookies(“myCookie”).Value)
Creating and Reading Persistent Cookies
A persistent cookie is similar to a session cookie except that a persistent cookie has a defined expiration date
The code below can be used to create a persistent cookie
Persistent cookies can be read in the same way as you would a session cookie
Dim objCookie As New HttpCookie(“myCookie”, “Hello”)
objCookie.Expires = #12/25/2007#
Response.Cookies.Add(objCookie)
Dim objCookie As New HttpCookie(“myCookie”, “Hello”)
objCookie.Expires = #12/25/2007#
Response.Cookies.Add(objCookie) To create a persistent cookie, specify the
expiration time
Response.Write(Request.Cookies(“myCookie”).Value)Response.Write(Request.Cookies(“myCookie”).Value)
Retrieving Information from a Cookie
Read the cookie
Retrieve values from the cookie
lblTime.Text = objCookie.Values("Time")lblTime.ForeColor = System.Drawing.Color.FromName _
(objCookie.Values("ForeColor"))lblTime.BackColor = System.Drawing.Color.FromName _
(objCookie.Values("BackColor"))
lblTime.Text = objCookie.Values("Time")lblTime.ForeColor = System.Drawing.Color.FromName _
(objCookie.Values("ForeColor"))lblTime.BackColor = System.Drawing.Color.FromName _
(objCookie.Values("BackColor"))
Dim objCookie As HttpCookie = Request.Cookies("myCookie")Dim objCookie As HttpCookie = Request.Cookies("myCookie")
Using Cookieless Sessions
Each active session is identified and tracked using session IDs
Session IDs are communicated across client-server requests using an HTTP cookie or included in the URL
Cookieless sessions
Session ID information is encoded into URLs
Cannot use absolute URLs
Most browsers limit the URL size to 255 characters, which limits use of cookieless Session IDs
http://server/(h44a1e55c0breu552yrecobl)/page.aspxhttp://server/(h44a1e55c0breu552yrecobl)/page.aspx
Setting Up Cookieless Sessions
Session state is configured in the <SessionState> section of Web.config
Set cookieless = true
<sessionState cookieless="true" /><sessionState cookieless="true" />
