Session in C# - Programmers Heaven

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Welcome to the new platform of Programmer's Heaven! We apologize for the inconvenience caused, if you visited us from a broken link of the previous version. The main reason to move to a new platform is to provide more effective and collaborative experience to you all. Please feel free to experience the new platform and use its exciting features. Contact us for any issue that you need to get clarified. We are more than happy to help you.

Session in C#

mohitkumarmohitkumar indiaPosts: 14Member

What is A Session in ASP.NET * Definition: Session is a Server side statemanagement technique by using which we can * able to persist data. * Session Management can be done in 2 modes.

  • 1.InProc 2.OutProc
  • InProc: in the InProc mode Session data is stored in the IIS or WebServer memory.
  • OutProc: in the OutProc mode session data is stored outside of IIS or Webserver.
  • OutProc mode can be again devided into 2 types.

  • a.StateServer Mode b. SQLServer mode.

  • StateServer : In the StateServer mode the session data is stored in the StateServer
  • which can be in the same server where IIS is located or it can be in another
  • remote computer. StateServer is a service only but not a physical device.
  • SQLServer mode: In the sqlserver mode the Session data is stored in the SQLServer database.
  • Q1:When to Use InProc and When to Use OutProc Session modes?
  • Ans: when your application is following a Webfarming or webGardening model you
  • should use OutProc mode. Depending on the requirement you can choose StateServer or
  • SQLServer mode but SQLServer mode is more reliable than StateServer mode.
  • Q2:How your Session usually works?
  • Ans: When a request coming from the Client for any webpage for the firstTime
  • IIS Creates a sessionID for each client. This sessionID sent to Client in a cookie
  • called sessionCookie. This session cookie will be traversed always from client to
  • server and then back to client from server.
  • Q3:What if a Cookie is explicitly disabled by Client?
  • If client explicitly disables cookies then we can able to send the SessionId
  • in a cookie less session means our sessionID will be attached to the Url
  • and the SessionID will be visible in the address bar.

  • Q4: What is the problem with Cookie less session

  • Ans: Cookie less session is insecured. and if you share your application url with
  • others your SessionId will not be having security and others can able to change
  • your session data.

  • Q5: Is it mandataory to store only serializable data into the Session Memory?

  • Ans: No . But incase of Outproc memory if State Server or Sql Server
  • present in a remote machine then it is mandatory to store only serializable data
  • into the session memory.

  • Q6: What is the default session timeout in case of Inproc session?

  • Ans: 20 minutes.

For similar kind of C# interview Question you can refer this link c# interview questions

Sign In or Register to comment.