ASP.NET State Management Overview

As HTTP is stateless, meaning the connection to the server does not remain open. When ever page is post back to server a new instance of the class is created this means there is a overhead of loading all the values associated with controls that are present on the page because http is a stateless protocol and each round trip to the server causes controls to loose their values. To overcome the inherent limitation of http protocol ASP.NET includes several options that help you preserve data on both a per-page basis and an application-wide basis. These features are as follows:

View state

View state is the method that the ASP.NET page framework uses to preserve page and control values between round trips. When the HTML markup for the page is rendered, the current state of the page and values that must be retained during postback are serialized into base64-encoded strings. This information is then put into the view-state hidden field or fields.

Control state

Control state is used to store the state information specific to control. This property is very useful when you are creating custom control and want to know the current state of control.  AS compare to view state property which can be turned off by developer at page level and that can cause your control to break, in case of control state property that can not be turned off like view state.

Hidden fields

Hidden fields are controls that provide a way to store information and at the same time they are not visible to the user. When a page is submitted to the server, the content of a hidden field is sent in the HTTP form collection along with the values of other controls. A hidden field acts as a repository for any page-specific information that you want to store directly in the page. It is easy to see and modify the hidden field value so it is always recommend that never store sensitive information in Hidden field.

Cookies

Cookies are basically small text files that are used to store small amount of data on client file system. Cookies can also be stored in clients main memory. Cookies can be temporary (with specific expiration times and dates) or persistent. Generally cookies are used to store information about a particular client, session or application. When a client send a request to the server, browser also sent the cookie to the server, Server then extracts value from the cookie. Typically cookies are encrypted and used for storing user authentication information and user profile preferences.

Response.Cookies("destination").Value = "CA"
Response.Cookies("destination").Expires = DateTime.Now.AddDays(1)

Query strings

Query String is a key value pair that is appended at the end of url with a question mark (?). Query string is a very simple way to send information to the server but it is highly browser dependant. Different browsers have different length for query string. Information passed through query string is easily viewed by the client so query string is not a good option for sending sensitive information to the server.

View state, control state, hidden fields, cookies, and query strings all involve storing data on the client in various ways.

Application state

Application state is a data repository available to all classes in an ASP.NET application. Application state is stored in memory on the server and is faster than storing and retrieving information in a database. Unlike session state, which is specific to a single user session, application state applies to all users and sessions. Therefore, application state is a useful place to store small amounts of often-used data that does not change from one user to another. Application state is stored in an instance of the HttpApplicationState class. This class exposes a key-value dictionary of objects. The HttpApplicationState instance is created the first time a user accesses any URL resource in an application. The HttpApplicationState class is most often accessed through the Application property of the HttpContext class.

Application("WelcomeMessage") = "Welcome to the Contoso site."

Session state

ASP.NET session state enables you to store and retrieve values for a user as the user navigates ASP.NET pages in a Web application. HTTP is a stateless protocol. This means that a Web server treats each HTTP request for a page as an independent request. The server retains no knowledge of variable values that were used during previous requests. ASP.NET session state identifies requests from the same browser during a limited time window as a session, and provides a way to persist variable values for the duration of that session. By default, ASP.NET session state is enabled for all ASP.NET applications.

Session("FirstName") = FirstNameTextBox.Text
Session("LastName") = LastNameTextBox.Text

Profile Properties

Profile property is a new feature in ASP.ne that allow you to store user specific data this some thing like session but profile information is not lost when a user session is expire. The profile-properties feature uses an ASP.NET profile, which is stored in a persistent format and associated with an individual user. The ASP.NET profile allows you to easily manage user information without requiring you to create and maintain your own database. In addition, the profile makes the user information available using a strongly typed API that you can access from anywhere in your application. You can store objects of any type in the profile. The ASP.NET profile feature provides a generic storage system that allows you to define and maintain almost any kind of data while still making the data available in a type-safe manner.

Profile.PostalCode = txtPostalCode.Text

You must define the PostalCode property in the Web.config file by using the following markup:

<profile>
    <properties>
      <add name="PostalCode" />
    </properties>
  </profile>

Application state, Session state, and profile properties all store data in memory on the server.

We will discuss each of the state management feature in more detail in upcoming articles. some of the definitions are taken from MSDN

ASP.NET State Management

As we all know that HTTP is a stateless protocol means when after each request client is disconnected from server and ASP.net discards objects that were created for the page. Drawback of this architecture is that you have to store the information between the server request while on the other side this architecture enable web applications to scale up and servers can responds to thousands of simultaneous requests without running out of server
memory.

ASP.net includes a variety of state management options. A developer can choose right option for state management option depending upon data you need to store, duration for which data has to be stored, data scope and security and performance considerations.

There are three options available for state management in ASP.net

  • View State
  • Query String
  • Custom Cookies
  • Caching
  • Profiles

In addition to this you can also write a custom state management module for your application and use database or file system for storing state information but this will bring some performance issues to your application because for retrieving and storing state information you need to establish database connections. 

we will discuss asp.net management options in more details in upcoming posts.