ASP.NET session state enables you to store and retrieve values for a user as the user navigates the different ASP.NET pages that make up a Web application. HTTP is a stateless protocol, meaning that your Web server treats each HTTP request for a page as an independent request; by default, the server retains no knowledge of variable values used during previous requests. As a result, building Web applications that need to maintain some cross-request state information (applications that implement shopping carts, data scrolling, and so on) can be a challenge. ASP.NET session state identifies requests received from the same browser during a limited period of time as a session, and provides the ability to persist variable values for the duration of that session.

ASP.NET session state is enabled by default for all ASP.NET applications. ASP.NET session-state variables are easily set and retrieved using the Session property, which stores session variable values as a collection indexed by name. For example, the following code example creates the session variables FirstName and LastName to represent the first name and last name of a user, and sets them to values retrieved from TextBox controls.

Visual BasicВ	Copy Code
Session("FirstName") = FirstNameTextBox.Text Session("LastName") = LastNameTextBox.Text

C#В	Copy Code
Session["FirstName"] = FirstNameTextBox.Text; Session["LastName"] = LastNameTextBox.Text;

ASP.NET stores session information in the memory space of the ASP.NET application by default. You can, optionally, store session information using a stand-alone service so that session information is preserved if the ASP.NET application is restarted, in a SQL Server so that session information is available to multiple Web servers in a Web farm (and also persists if the ASP.NET application is restarted), or in a custom data store. For more information, see Session-State Modes.

ASP.NET also provides several other options for persisting data within an application besides session state. For a comparison of each, see ASP.NET State Management Recommendations.

In This Section

Session State Overview: Describes the different capabilities of the session-state feature.

Session Identifiers: Describes how a browser is identified with a particular session.

Session-State Events: Describes session-state events that can be added to the global.asax file.

Session-State Modes: Discusses the different session-state storage modes.

Securing Session State: Describes security issues to consider when using session state.

How to: Save Values in Session State: Provides a sample of storing values in session-state variables.

How to: Read Values from Session State: Provides a sample of reading values from session-state variables.

Implementing a Session-State Store Provider: Describes how to create a custom session-state store provider and includes a sample.

Reference

System.Web.SessionState: Provides classes and interfaces that enable storage of application data in session state.

Session: Provides access to the session for the current HTTP request.

Related Sections

ASP.NET State Management Recommendations: Describes differences between ASP.NET state-management options.

ASP.NET State Management: Provides an overview of the methods available to store application state in ASP.NET applications.