Session and state management

 ASP.NET, like traditional ASP,
 provides the facility to track a user's session using Session
State. Web applications are built on Hypertext Transfer
Protocol (HTTP).
 HTTP being a stateless protocol, each request to the
server from the client is understood as an independent
request. ASP.NET provides a powerful way to store a
user’s session specific data using the Session State which
is accessible as long as the user’s session is alive
 This module discusses Session State, its advantages and
disadvantages, the Session storage modes and how we can
configure the same using the application’s web.config file

 Types of State Management –
 Applilcation State, Session state, Cookie state, View
state
 Application and Session Variables
 Cookies and Cookieless Sessions
 Storing Application and Session Data in different
modes
 In-process storage, Session State Service, Microsoft
SQL Server
 Using Session Variables
 Using Cookies
 Using Application Variables
 Using the Cache Object

 Using ASP.Net Caching
 Output Caching
 Partial Page Caching
 Using Dynamic Properties

 ASP.NET provides four types of state:
 Applilcation State
 Session state
 Cookie state
 View state
 ASP.NET, like its predecessor, ASP,
 provides a pair of objects for managing application-
level state and session-level state.
 Application state
 is where information that is global to the application
may be stored.
 This state is typically stored once and then read from
many times.

 Session state
 is maintained on a per-client basis.
 When a client first accesses any page in an application, an
ASP.NET generated session ID is created.
 That session ID is then transmitted between the server
and the client via HTTP either using client-side cookies or
encoded in a mangled version of the URL.
 Cookies
 provide the ability to store small amounts of data on a
client's machine.
 Once a cookie is set, all subsequent pages accessed by the
same client will transmit the cookie and its value.

 View state is a another way of storing state on behalf of a
client by saving and restoring values from a hidden field
when a form is posted.
 Advantages & Disadvantages of State Type:
Type of
State
Scope of State Advantages Disadvantages
Application Global to the
application
•shared across
all clients
•Overuse limits scalability
•Not shared across multiple
machines in a Web farm or
processors in a Web garden
•Primary purpose subsumed
by data cache in ASP.NET

Type of
State
Scope of
State
Advantages Disadvantages
Session Per client •Can configure
to be shared
across
machines in a
Web farm and
processors in a
Web Garden
•Requires cookies or
URL managing to
mange client
association
•Off-host storage can
be inefficient

Type of
State
Scope of
State
Cookie Per client •Works
regardless of
server
configuration
•State stored on
client
•State can live
beyond current
session
•Limited memory (-
4KB)
•Clients may not
support cookies or may
explicitly disable them
•State is sent back and
forth with each request

Type of
State
Scope of
State
View Across
POST
request to
the same
page
•Works
regardless of
server
configuration
•State is retained only
with POST request
made to the same page
•State is sent back and
forth with each request

 An object is initialized in the Application_Start
event and further access is read-only.
 The Refresh Variable Dialog is used to select the
method for maintaining Session Variables in
ASP.NET application.
 Because an application and all the objects it stores
can be concurrently accessed by different threads,
it is better to store only infrequently modified data
with application scope. Ideally an object is
initialized in the Application_Start event and
further access is read-only.

 As the data is never modified after
initialization, you do not have to make any
provisions for serializing access.
 Net Sessions provides a simple and complete
methodology for creating, using, and
maintaining Session Variables in ASP.NET
applications.
 The Refresh Variable Dialog is used to select
the method for maintaining Session Variables
in ASP.NET application.

 Session state features can be configured via the
<sessionState> section in a web.config file.
 ASP.NET will store the session state in the same
process that processes the request, just as ASP
does.
If cookies are not available, a session can be
tracked by adding a session identifier to the URL.
This can be enabled by setting the following:
<sessionState
cookieless="true" />

 To provide individual data for a user during a session,
data can be stored with session scope.
 ASP.NET can store session data in an external process,
which can even reside on another machine. To enable
this feature:
 Start the ASP.NET state service, either using the
Services snap-in or by executing "net start
aspnet_state" on the command line. The state service
will by default listen on port 42424. To change the
port, modify the registry key for the service:
HKEY_LOCAL_MACHINESYSTEMCurrentContr
olSetServicesaspnet_stateParametersPort.

 Set the mode attribute of the <sessionState> section
to "StateServer".
 Configure the stateConnectionString attribute with
the values of the machine on which you started
aspnet_state.

 Cookie :
 A cookie is a small file on the user’s computer that
contains information specific to one web site.
 This file can contains things such as username and
passwords that will be used to customize a user’s
visit to the site.
 Cookies can contain any simple data type such as
string, integer, floats, Booleans, and so on.
 For example many sites that display news headlines
will allow users to select which types of news they
want to see . This information can be stored in
cookies so that the next time the user visits, the site
can read those values and customize accordingly.

 The http cookies object provides methods for
accessing and creating these cookies. You can
use this object to examine the property of the
cookie. However the most common way to
manipulate cookies is through the request and
response object which both have a cookies
properties that return a reference to an http
cookie object.

 A cookie is a piece of text that a Web site can
store on a user's machine to be retrieved and
reused later. The information stored consists of
harmless name-value pairs.
 cookies are not part of the standard HTTP
specification, so they imply a collaboration
between browsers and Web sites to work.
 Not all browsers support cookies and not all
users may have cookie support enabled in their
own copy of the browser.

 Storing cookies on the client is one of the
methods that ASP.NET's session state uses to
associate requests with sessions.
 Cookies can also be used directly to persist
data between requests, but the data is then
stored on the client and sent to the server with
every request.
 Browsers place limits on the size of a cookie;
only a maximum of 4096 bytes to be acceptable.

 When the data is stored on the client, the
Page_Load method in the file cookies1.aspx
checks whether the client has sent a cookie. If
not, a new cookie is created and initialized and
stored on the client.
 To make a cookie persistent between sessions,
the Expires property on the HttpCookie class
has to be set to a date in the future.
 To enable cookieless sessions in ASP.NET
application, change the following configuration
setting:
<sessionState cookieless="true" />

 If the cookieless attribute of the
<sessionState> section is set to true.
 The module generates a new session ID, twist
the URL by adding the session ID just before
the resource name, and redirects the browser to
the new URL using the HTTP 302 command.

 We have three choices for storing session state in an
ASP.NET application:
 In-process storage
 Session State Service
 Microsoft SQL Server
 In-process storage:
 The default location for session state storage is in the
ASP.NET process itself.
 If we don’t change the default configuration of
ASP.NET, then session state information is stored in
memory of ASP.NET process itself. If we restart the
WWW server (or if it crashes for some reason), all of
this information is lost

 Session State Service:
 To use the State Service, we need to edit the
sessionState element in ASP.NET application's
web.config file
 <sessionState mode="StateServer"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString= "data source=127.0.0.1;user
id=sa;password=" cookieless="false" timeout="20"
/>
 It need to start the ASP.NET State Service on the
computer that we specified in the
stateConnectionString attribute

 Session State Service (Cont…)
 If we make the changes, it shows slightly
different behavior: session state persists even if
we recycle the ASP.NET process
 There are two main advantages to using the State
Service
 First, it is not running in the same process as
ASP.NET, so a crash of ASP.NET will not
destroy session information.
 Second, the stateConnectionString that's used to
locate the State Service includes the TCP/IP
address of the service, which need not be
running on the same computer as ASP.NET.

 Session State Service (Cont…)
 - This allows you to share state information across a
web garden (multiple processors on the same
computer) or even across a web farm (multiple
servers running the application).
 With the default in-process storage, we can't
share state information between multiple
instances of application.

Session State Service (Cont…)
 The major disadvantage of using the State
Service
 is that it's an external process, rather than part of
ASP.NET.
 That means that reading and writing session state is
slower than it would be if you kept the state in-
process. (ie), it's one more process that need to be
manage.

Microsoft SQL Server:
 To use SQL Server for storing session state, you need to
perform several setup steps:
 - Run the InstallSqlState.sql script on the Microsoft SQL
Server where you intend to store session state.
 This script will create the necessary database and
database objects.
 The .NET Framework installs this script in the same
folder as its compilers and other tools—
 for example,
C:WINNTMicrosoft.NETFrameworkv1.0.3705 on a
Windows 2000 computer with the 1.0 version of the
Framework.

 Microsoft SQL Server (Cont…)
 Edit the sessionState element in the web.config file
for your ASP.NET application as follows:
<sessionState mode="SQLServer"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString= "data
source=SERVERHAME;user id=sa;password="
cookieless="false" timeout="20"/>
 Supply the server name, user name, and password for a
SQL Server account that has access to the session state
database in the sqlConnectionString attribute.

 Microsoft SQL Server (Cont…)
 Like the State Service, SQL Server lets you share
session state among the processors in a web garden
or the servers in a web farm
 Like the State Service, SQL Server is slower than
keeping session state in process

 The session object presents a very interesting
concept.
 Because the web is a stateless medium
information about a particular user is hard to
keep track of. There’s no way to use HTTP to
find out if a series of request comes from one
user or a bunch of different users. This makes it
hard to tailor a web site for one user.

 The session object combats this limitation.
 It allows you to store items that are pertinent to a specific
user in a single location on the server.
 Essentially it acts as that users personal storage locker of
information.
 Imagine lockers in a school you put your belonging in
your locker to store while you are in class. When you
leave for the day the locker is emptied.
 New term- The session object works by the same
mechanism . When a user visits your site he’s allocated a
“locker” into which the developer can put whatever
information she likes. The user’s time at the site is called a
session.
 Once the user leaves the site the locker is abounded the
information is lost and the session ends.

 Once the user leaves the site the locker is
abounded the information is lost and the
session ends.
 Imagine that user comes to your site and enter
his name in a form which you would like to
remember. You can put the name into the
session object and then recall it from anywhere
you want assuming the session has not ended.
The syntax is as follows:
Session. add (variable name, value)
Or:
Session( variable name)= value;

 There are various ways to control how the
session object behaves in your ASP>NET
applications.
 The first is the time out value , which sets how long
a session can be idle before ASP.NET abandons it.
 In other words if a user visits your site but does not
click on anything, or leaves the site for an amount of
time equal to this time out value the session and all
its information will be lost. This value is 20 minutes
by default in IIS 5.0, but you can easily change it as
follows:
Session. timeout =x ‘x is the number of
minutes

 There are a number of reasons you may want
to change this value.
Let’s examine a typical web site: each user that
comes to the site gets a unique session object which
means each user gets his own piece of the server’s
memory . Even if he leaves the site after only 30
seconds his session is still alive for another 19
minutes and 30 seconds. After a while this can add
up to a lot of memory.
 Table Slide table show the growth of session
with the default timeout value assuming 100
visitors come to your site every half hour and a
timeout value of 120 minutes.

TimeUser SessionDescription
0:00
0:30
1:00
1:30
2:00
2:30
3:00
100
100
100
100
100
100
100
100
200
300
400
500
500
500
100 sessions are created for the first 100 site visitors.
The first 100 sessions are still active weather or not the
visitors are still on the site. 100 new visitors means 100 new
sessions.
Another 100 visitors adds 100 new session while the first two
group sessions still have not expired.
100 new visitors=100 new sessions
……..
100 new visitors create 100 new sessions but the first group’s
sessions finally expire after 2 hours.
It just keeps going and going……..

 You have wasting a lot of memory 500 sessions for
only 100 concurrent visitors. This can definitely
slow down the operation of your whole site.
 You can also cause a session to expire immediately
by using the Abandon method.
 Imagine a web site where user can check their
email. After a user is done he wants to log out so
that other people can not use his e-mail account
when he’s away from his computer.
 Abandoning the session is one way to accomplish
this. Simply call the following :
Session. Abandon()
 The temporary cookie is deleted as well as any
session information.

 The session object can be manipulated just like
an array. You can loop through all the variables
and manipulate them as needed. Uses the for
… each statement in VB.NET to loop through
and display the contents of the session.

 By default ASP.NET uses cookies to store session IDs and keep
track of the users. What happens however if the user’s browser
does not support cookies or the user just not accepting any?
Luckily ASP.NET has another way to keep track of sessions.
 New term- Cookie mugging is the process that ASP.NET uses to
keep track of sessions without cookies.
 Before a page Is sent to the browser ASP.NET scan the HTML
code for any hyperlinks. At the end of each link ASP.NET track on
an encoded version of the session ID.
 When the user clicks a link ASP.NET grabs that string decodes it
and passes it to the page the user is requesting.
 This page can now use that ID to set or retrieve any session
variables. ASP.NET also places the encoded session ID in each link
on this page as well. This all happens automatically if ASP.NET
detects that the visitor dose not support cookies.

 Session (Cont…)
Do Don’t
Do use session variable s if
you have a small amount of
information for a single user
that you need to maintain for
the current session such as a
user name or password.
Don’t use session variables
when you have a lot of
information to store for each
user. There are other
methods that won’t eat up
your server’s memory as
fast, such as cookies and
databases.

 We can create them and store data in them in
exactly the same way:
 // create a new Session variable to store the
users name
Session ( 'Name' ) = 'James';
 // display the name in any page on your site
Out ( 'Your name is ' + Session ( 'Name' ) );
 The crucial difference between Application and
Session variables is that Session variables are
specific to each visitor to the site.

 The stateless web:
 Session variables have to overcome the problem
that the HTTP protocol that we use to browse
the web is stateless
 Each request for a page is completely
independant of earlier requests, so if we want
subsequent pages to "remember" the users name
that the user entered on front page, we have to
store that information somewhere
 This remembering of user-specific data is called
"maintaining state"

 Creating a new session:
 The first time a new user visits a page on site a new
session is automatically created
 cookies are simply data stored on computer and
automatically sent to the server by browsers when
requesting a page
 The first time a user visits, there's no cookie and the
server creates a new session and sets a cookie with
a unique value
 As the user browses site the cookie is sent back and
forth between computer and the server, allowing
the server to recognize the user

 Unless we have cookies disabled, or are using a
browser that doesn't support them, we should
see something like ASPSESSIONID
 Tracking new sessions:
 The server tell us when a new session is created
by calling a function in global.asa file,
Session_OnStart( )
 use the Session_OnStart( ) function to
increment a count of how many users are
currently on site, or more accurately how many
active sessions there are -

 <script language=JavaScript runat=server>
function Session_OnStart ( )
{
// you must lock the global Application object
// when writing to it - ok to read without lock
Application.Lock ( );
// one more active user
Application ( 'ActiveUsers' )++;
Application.Unlock ( );
}
</script>

Ending a session:
 There are two ways to end a session
 1. The user doesn't request or refresh a page within
a specific time period
2. Session.Abandon( ) is called from ASP page
Sessions timing out:
 By default, if a user doesn't make any requests from
the server for 20 minutes that session is ended.
Similar to before, the Session_OnEnd( ) function in
global.asa is called at that point.
 Note: Use only Application, Session and Server objects
in that function.

 Setting timeout for the entire application:
 Timeout value can be changed for all pages by configuring
IIS. On earlier versions of IIS on Windows NT can be changed
this setting in the Internet Service Manager, but that was
renamed to the "Internet Information Services snap-in" in
Windows 2000.
 To find the IIS snap-in: Control Panel / Administrative Tools
/ Internet Services Manager and then view the properties for
the Default Web Site. On that dialog go to the Home
Directory tab, and choose the Configuration button. Choose
the App Options tab, and <phew> there's the setting!

 Set it to as small a number as possible to increase
the efficiency of server. Set it larger than the time
users to read largest page, or they could lose their
session
 Setting timeout for a single session:
 We can override the timeout for a single session by
adding the following line into code –
 // this session will timeout after 5 minutes
inactivity
Session.Timeout = 5;

 Abandoning a session:
 We can end a session immediately by calling
Session.Abandon( ). The rest of the page is still
executed, and the Session object is still available for
that page, but the session is ended when the page
finishes executing.
 To stop processing immediately in a page, call
Response.End( )
 Note: Even though the session has ended, if the user
requests a new page from site a new session will
automatically start

 A cookie is stored on the client's machine by their web
browser software. To set a cookie, include information in an
HttpResponse that instructs the browser to save a cookie on
the client's system
 Basic code for writing a Cookie in ASP.NET:
Using System.Web;
Response.Cookies["BackgroundColor"].Value = "Red";
 To read the cookie back:
Response.Write
(Request.Cookies["BackgroundColor"].Value);
 Note: For security reasons you can only read a cookie that
was set within the same domain name

 To get a collection of stored items, such as user address details:
HttpCookieCollection cookies = Request.Cookies;
for(int n=0;n<cookies.Count;n++)
{
HttpCookie cookie = cookies[n];
Response.Write("<hr/>Name: <b>" + cookie.Name + "</b><br /
>");
Response.Write("Expiry: " + cookie.Expires + "<br />");
Response.Write("Address1: " + cookie.Address1+ "<br />");
Response.Write("Address2: " + cookie.Address2+ "<br />");
Response.Write("City: " + cookie.City+ "<br />");
Response.Write("Zip: " + cookie.Zip+ "<br />");
}

 The response object allows you to create cookies easily.
There are two ways to create cookies:
 you can create multiple cookies each with a single value
or
 you can create a single cookies with multiple key/value
pairs.
The following code snippet demonstrates both methods:
 ‘set up some cookie variables
 Response. Cookies(“ My Cookie”). Value=“ single cookie”
 Response. Cookies(“ 21dayscookie”)( “username”) =
“Chris”
 Response. Cookies(“ 21dayscookie”)( “ preference”) = “800 *
640”

 The browser sends all cookies information to the server when it
makes a request. Therefore you can use the request object to
gather that information.
 Accessing a cookie follows the exact same syntax as creating a
cookie. In the following listing you will use response .write to the
cookie value to the browser:
‘set’ up some cookie variables
Response. write(Request. Cookies(“ my cookie”). Value)
Response. Write(Request. Cookies(“ 21dayscookie”) (“username”)
Response. Write(Request. Cookies(“ 21dayscookie”)
(“preference”)
Again notice the difference between accessing a value and key/ value
pairs– specifically, the use of the value property.

 We can get the details of cookies during
development, by turning on tracing in
ASP.NET. By adding Trace=“true”, within the
@Page directive at the start of the page:
<%@ Page trace="true" language="c#"
Codebehind="page.aspx.cs"
Inherits="MyPage" %>

 Application variables are available to all pages on site, pages
that have the same application name. But they are gone
forever if the server is restarted
 To use Application variables write the statements like:
// to set the data
Application ( 'Data' ) = 'something';
// to use the data
Response.Write ( 'data is ' + Application ( 'Data' ) );
 We can use application variables for information including
the application name, background color, data source names,
or contact information

 A key reason that the Application object exists
in ASP.NET is for compatibility with classic ASP
code—to allow easier migration of existing
applications to ASP.NET.
 If we are creating an ASP.NET application from
scratch, store the data in static members of the
application class rather than in the Application
object.
 This will yield a performance increase over
using the Application object.

 Read/Write - We can add or modify items in
code while the application is running.
 To copy read-only code, set the variable's value
in the Application_Start event and then do not
change it anywhere else.
 Application variables are popular for storing
static items that need to be globally accessible
and yet modifiable at run time.

 Application state
 variables are, global variables for each ASP.NET
application.
 We can share values of these variables throughout the
application.
 These variables are usually set in the
Application_OnStart event and then accessed and
modified in individual ASP.NET pages
 The lifetime of application variables spans through the
lifetime of the ASP.NET application until the application is
unloaded

 HTTP is a stateless protocol. To allow users save
to state information across requests, ASP.NET
provides Session storage.
 The session variables are stored on per-user
basis. In ASP.NET 2.0, we can customize the
session state store as per the requirement.
ASP.NET 2.0 and Session Storage:
 ASP.NET 2.0 allows user to store session
variables at three distinct locations:
1. In the memory of the Web server (in process)

2. In the memory of a machine dedicated to storing
session variables (state server)
3. In an SQL Server database
 The first mode is the default. Modes 2 and 3 are
often called "out-of-process" modes because the
session store is independent of the Web site
 Storing session variables in the SQL server has the
following advantages:
 Scalability: Web farm architecture can very easily
access the session variables because they are stores
in an independent database

 It is a much more scalable option than the others
 Reliability: Because the data is physically
persisted in a database, it is more reliable than
the other options. It has the ability to survive
server restarts
 Security: SQL Server is more secure than the in-
memory or state server option. We can protect
data more easily by configuring SQL Server
security

 The session state mode can be configured via a
<sessionState> tag of the web.config file
 Note: In Web farm scenarios, the application
path of the Web site in the IIS metabase should
be identical in all the Web servers in the Web
farm
 Session_End event never fires for any of the out-
of-process modes

Configuring SQL Server to Store a Session State:
 Before store a session state in SQL server, we need
to configure it. This configuration is done via a
command line tool called ASPNET_REGSQL.EXE.
We can store the session state in three possible
locations within the SQL Server:
 Temporary storage: In this case, the session state
is stored in the "tempdb" database of SQL Server.
The tool creates a database called ASPState and
adds certain stored procedures for managing
session to it.

 The tool also creates required tables in the "tempdb"
database. If we restart the SQL server, the session data is
not persisted
 Persistent storage: The tool creates a database called
ASPState and adds stored procedures for managing a
session to it. The session state is stored in the ASPState
database. The advantage of this method is that the data is
persisted even if we restart the SQL server
 Custom storage: Both the session state data and the stored
procedures are stored in a custom database. The database
name must be specified in the configuration file.

Disadvantages of Storing the Session State in
SQL Server:
 Performance: In terms of performance, a SQL
Server-based session store is possibly the
slowest option. Because session variables are
stored in a physical database, it takes more time
to get them in and out of the database. This
affects the performance of Web site
 Cost: To store data in a SQL Server database, we
need to have a SQL Server license. This can add
to overall cost of Web site

 Serializable data: This method requires that all
the data stored in session variables must be
serializable. Mark the classes as [Serializable] if
we want to store them in a session

 Cache Object
 By using caching we can speed up processing
 There were also third-party options, like XCache
 The main benefits of caching are performance-related:
operations like accessing database information can be
one of the most expensive operations.
 If the database information is fairly static, this
database-information can be cached
 When information is cached, it stays cached either
indefinitely, until some relative time, or until some
absolute time

 Caching Options in ASP.NET:
ASP.NET supports three types of caching for
Web-based applications:
1. Page Level Caching (called Output Caching)
2. Page Fragment Caching (often called Partial-
Page Output Caching)
3. Programmatic or Data Caching

 Page Level Caching/Output Caching:
 Caches the HTML output of dynamic requests to
ASP.NET Web pages
 ASP.NET implements this through an Output Cache
engine.
 Each time an incoming ASP.NET page request comes
in, this engine checks to see if the page being
requested has a cached output entry.
 If it does, this cached HTML is sent as a response;
otherwise, the page is dynamically turned and, its
output is stored in the Output Cache engine
 Output Caching is particularly useful when we have
very static pages

 Page Level Caching/Output Caching (Conti..)
 Output caching can be implement in ASP.NET by
simply using the @OutputCache page directive
<%@OutputCache Duration="60" VaryByParam="none" %>
 The Duration parameter specifies how long, in seconds,
the HTML output of the Web page should be held in
the cache
 When the duration expires, the cache becomes invalid
and, with the next visit, the cached content is flushed,
 The ASP.NET Web page's HTML dynamically
generated, and the cache repopulated with this HTML

 Page Level Caching/Output Caching (Conti..)
 The VaryByParam parameter is used to indicate
whether any GET (QueryString) or POST (via a form
submit with method="POST") parameters should be
used in varying what gets cached (ie)
 multiple versions of a page can be cached if the
output used to generate the page is different for
different values passed in via either a GET or POST

Page Fragment Caching/Partial-Page Output Caching:
 Partial-Page Output Caching, or page fragment caching,
allows specific regions of pages to be cached
 ASP.NET requiring part(s) of the page we wish to have
cached appear in a User Control
 Since Output Caching caches the HTML of the entire
ASP.NET Web page, clearly Output Caching cannot be used
for these scenarios: enter Partial-Page Output Caching
 Contents of a User Control should be cached is to supply an
OutputCache directive at the top of the User Control
 The content inside the User Control will now be cached for
the specified period, while the ASP.NET Web page that
contains the User Control will continue to serve dynamic
content.

 Partial page caching allows user to cache parts of a
response.
 This mechanism is useful when pages contain
volatile content such as calculation results, static
content such as headers and footers.
 Partial page caching is supported by a tag library
for use in JSPs, and a public API for use in servlets
 The tag library implementation is provided in
CacheTags.jar, installed in the extensions subdirectory
of EAServer installation

 To use the library in a JSP, add the following
directive:
<%@ taglib
url="http://www.sybase.com/EAServer/cachetags
.tld" prefix="ct"%>
 To cache a portion of a page, surround it with this
tag, as in:
<prefix:cache attributes>... page content
...</prefix:cache>
 Where prefix is the tag prefix that we assigned the
tag library when declaring it in the taglib directive

 Using the caching API:
 We can call the caching API to cache response
parts in servlets. The API is implemented by
class CacheManager, described below:
package com.sybase.jaguar.servlet;
public class CacheManager
 Allows user to cache responses or parts of a
response in Java servlets

Note : that for this we should not place an
OutputCache directive in the ASP.NET Web
page that contains the User Control - just inside
of the User Control
Programmatic or Data Caching:
 Programmatic or data caching takes advantage
of the .NET Runtime cache engine to store any
data or object between responses (ie),
 we can store objects into a cache, similar to the
storing of objects in Application scope in classic
ASP

 Data cache is kept in memory and "lives" as long
as the host application does (ie), when the
ASP.NET application using data caching is
restarted, the cache is destroyed and recreated
 To store a value in the cache, use syntax like
this:
Cache[“check"] = bar; // C#
Cache(“check") = bar ' VB.NET
 To retrieve a value, simply reverse the syntax
like this:
bar = Cache[“check"]; // C#
bar = Cache(“check") ' VB.NET

 Since Data Caching uses an in-memory cache,
there are times when cache elements may need
to be evicted.
 To add an instance of the object bar to the cache
named foo, use syntax like this:
Cache.Insert(“Check", bar); // C#
Cache.Insert(“Check", bar) ' VB.NET

 If we want to pull data out of an XML file, but don't
want to constantly go to disk to read the data, we
can tell the ASP.NET caching engine to expire the
cached XML file whenever the XML file on disk is
changed. To do this, use the following syntax:
Cache.Insert(“Check", bar, new
CacheDependancy(Server.MapPath("BarData.xml
")))
 The cache engine takes care of removing the object
bar from the cache when BarData.xml file is
changed

 Using the power of dynamic properties, we can declare
property values not only as constants, but also as formulas.
The formulas used in a dynamic property can reference
property values from other elements, thereby allowing authors
unique flexibility when designing their Web pages

Benefits of Dynamic Properties:
 Dynamic properties are similar to a spreadsheet's
implementation of a formula. In a spreadsheet, a cell's value
can be a constant or a formula. A formula can include
references to any number of other cells in the spreadsheet.
Likewise, a dynamic property can reference other properties
on the same document.

 Dynamic properties enable Web authors to
describe relationships between objects, properties,
and variables in terms of functions, rather than
specify an explicit sequence of steps to follow
 Implementing Dynamic Properties:
 Dynamic properties are introduced through four
new methods:
1. The getExpression method returns the current
formula used for the dynamic property
2. The recalc method allows authors to explicitly
cause the values of dynamic properties to be
updated.

3. The removeExpression method clears formulas set with the
setExpression method
4. The setExpression method specifies a formula for a given
value
 Dynamic property formulas are assigned in script with the
setExpression method. They can also be assigned inline using
the global possible value, expression, in the style block or in
the STYLE attribute
 Ex: Dynamic HTML (DHTML) can be used to position objects
based on the location and measurement of other objects.
 - Center the object horizontally:
object.style.left=(document.body.clientWidth/2) -
(object.offsetWidth/2);

 - Center the object vertically:
object.style.top=(document.body.clientHeight/2) -
(object.offsetHeight/2);
 Note: For some earlier versions of Windows
Internet Explorer, the style object is not updated
after using setExpression or removeExpression
until the recalc method is called. For backwards
compatibility, always include a recalc after
dynamically modifying an expression
 The parameters of setExpression are first evaluated
by the scripting language engine

 When specifying a string constant for a parameter of
setExpression, nest the constant in single quotes. The single
quotes force the parameter to be evaluated as a string
object.style.setExpression("backgroundColor","red");
 To allow the Cascading Style Sheets (CSS) parser to interpret
this string as the natural color constant "red", the string must
be wrapped in single quotes
object.style.setExpression("backgroundColor","'red'");
 Dynamic properties can be retrieved and removed using the
getExpression and removeExpression methods

 The getExpression method returns a variant containing the
expression used to compute the dynamic property. This
expression is recalculated when the getExpression method is
invoked
 Expressions are cleared using the removeExpression method.
This method is the only way to clear dynamic property values
set with the setExpression method. When an expression is
cleared, the property value is equal to the last expression
calculation and a Boolean value is returned indicating whether
the expression was removed

 The recalc method is used to recalculate dynamic properties
in a document. Calling recalc(true) will recalculate all
expressions in the current document, regardless of whether
referenced properties have been changed. After a dynamic
property has been recalculated, references to that property
will retrieve the new calculated value
 Notes on Implicit Dependencies:
 Implicit dependencies refer to properties that may be altered
by changes in other properties. For instance, the offsetWidth
of an element depends on the width and possibly even the
height value in a style sheet

 The viewstate describe how an object looks at
that particular moment.
 An application that keeps track of this
information is said to maintain state.
 If you fill out an HTML form and come back to
it later chances are the fields you’ve filled out
will be empty.
 This is because the web is a stateless medium it
does not allow you to keep track of view state
or other such information.

 This was often a pain for traditional ASP
developer because it required mechanism to
maintain and retrieve this information
ASP.NET makes this much easier.
 ASP.NET automatically keeps track of the
viewstate for you. This means that if you fill
out an HTML form and click submit the value
will still be there when the page comes back!
 This is an important part of ASP.NET and is
integral to a number of different mechanisms.
 ASP.NET does this by outputting hidden
HTML form field whenever you tell a form
runat=“server” .

 That string of the seemingly random character is ASP.NET way of
telling itself what each control looks like.
 When the form is submitted ASP.NET automatically retrieves this
string and uses it to fill out the form information again.
 ASP.NET uses the fact that browsers can only understand HTML
and writes itself reminders in the page that are send to the client.
For example look at the following line written on the server:
<form runat =“server”>
This sends the following HTML code to the browser:
<form name =“ ctrl2”method = “post” action = “listing0201.aspx” id=“ctrl2”>
<input type =“hidden” name” __VIEWSTATE” value
=“YTB6LTEwNzAy0TU3NjJfX1949e1355cb”/>
 Viewstate management show cases ASP.NET focus on making the
web a more traditional application environment.

Session and state management

More Related Content

What's hot (20)

Similar to Session and state management (20)

More from Paneliya Prince (20)

Recently uploaded (20)

Session and state management