1. Sessions and Cookies
Visual Programming
CS 783
Asim Israr
2. What is a Session?
A session is defined as the period of time
that a unique user interacts with a web
application.
3. Session state
• Programmatically, session state is
nothing more than memory in the
shape of a dictionary or hash table,
e.g. key-value pairs, which can be set
and read for the duration of a user's
session
4. ASP Session State
• ASP maintains session state by
providing the client with a unique key
assigned to the user when the
session begins
• This key is stored in an HTTP cookie
that the client sends to the server on
each request.
• The server can then read the key
from the cookie and re-inflate the
server session state.
5. ASP Session State
Problems
• Process dependent
– ASP session state exists in the process that
hosts ASP
• Server farm limitations
– ASP session state is machine specific. Each
ASP server provides its own session state, and
unless the user returns to the same server, the
session state is inaccessible
• Cookie dependent
– Clients that don't accept HTTP cookies can't
take advantage of session state
6. ASP.NET session state solves all of the
above problems associated with classic
ASP session state
• Process independent
– ASP.NET session state is able to run in a separate
process from the ASP.NET host process
• Support for server farm configurations
– By moving to an out-of-process model, ASP.NET
also solves the server farm problem
• Cookie independent
– Cookieless session state support through simple
configurations
7. Session Configurations
<configuration>
  <sessionstate
    mode="inproc"
    cookieless="false"
    timeout="20"
    sqlconnectionstring="data source=127.0.0.1;user id=<user id>;password=<password>"
    server="127.0.0.1"
    port="42424" />
</configuration>
8. Session Configurations
• Mode. The mode setting supports
three options: inproc, sqlserver, and
stateserver. ASP.NET supports two
modes: in process and out of
process. There are also two options
for out-of-process state management:
memory based (stateserver), and
SQL Server based (sqlserver).
9. Session Configurations
• Cookieless. The cookieless option for
ASP.NET is configured with a simple
Boolean setting.
• Timeout. This option controls the
length of time a session is considered
valid. The session timeout is a sliding
value; on each request the timeout
period is set to the current time plus
the timeout value.
10. Session Configurations
• Sqlconnectionstring. The
sqlconnectionstring identifies the
database connection string that
names the database used for mode
sqlserver.
• Server. In the out-of-process mode
stateserver, it names the server that
is running the required Windows NT
service: ASPState.
11. Session Configurations
• Port. The port setting, which
accompanies the server setting,
identifies the port number that
corresponds to the server setting for
mode stateserver.
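The mechanism described in the slides above (a server-issued key carried in a cookie, a per-session dictionary, and a sliding timeout), as an added C# example that is not part of the original slides and is not ASP.NET's own implementation. The names SessionStore, Create and Load and the clock values are hypothetical; the store is single-threaded and in-process.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Hypothetical model of cookie-keyed session state; not ASP.NET's implementation.
class SessionStore
{
    class Entry
    {
        public Dictionary<string, object> State = new Dictionary<string, object>();
        public DateTime Expires;
    }

    readonly Dictionary<string, Entry> sessions = new Dictionary<string, Entry>();
    readonly TimeSpan timeout;

    public SessionStore(TimeSpan timeout) { this.timeout = timeout; }

    // Session start: issue the unique key. It is the only thing tying a client to
    // its state, so it comes from a cryptographic RNG. The server sends it in a cookie.
    public string Create(DateTime now)
    {
        var bytes = new byte[16];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes);
        string key = BitConverter.ToString(bytes).Replace("-", "");
        sessions[key] = new Entry { Expires = now + timeout };
        return key;
    }

    // Each request: look up the key read from the cookie. Unknown or expired keys
    // get no state; a valid key has its expiry reset to now + timeout (sliding).
    public Dictionary<string, object> Load(string key, DateTime now)
    {
        Entry e;
        if (key == null || !sessions.TryGetValue(key, out e)) return null;
        if (now >= e.Expires) { sessions.Remove(key); return null; }
        e.Expires = now + timeout;
        return e.State;
    }
}

static class Demo
{
    static void Main()
    {
        var store = new SessionStore(TimeSpan.FromMinutes(20));   // timeout="20"
        var t0 = new DateTime(2024, 1, 1, 12, 0, 0);              // constructed clock
        string cookie = store.Create(t0);
        store.Load(cookie, t0)["user"] = "alice";
        Console.WriteLine(store.Load(cookie, t0.AddMinutes(15)) != null);  // 12:15 request
        Console.WriteLine(store.Load(cookie, t0.AddMinutes(30)) != null);  // 15 min idle
        Console.WriteLine(store.Load(cookie, t0.AddMinutes(55)) != null);  // 25 min idle
        Console.WriteLine(store.Load("not-issued-by-server", t0) != null); // unknown key
    }
}
```

Because the expiry slides, the request at 12:30 is still inside the window opened at 12:15, while the request after 25 idle minutes and the key the server never issued both come back with no state.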
12. Performance and Reliability
Considerations
• In process
– In process will perform best because the
session state memory is kept within the
ASP.NET process.
– For Web applications hosted on a single
server, applications in which the user is
guaranteed to be re-directed to the
correct server, or when session state
data is not critical, this is the mode to
choose.
13. Performance and Reliability
Considerations
• Out of process
– This mode is best used when
performance is important but you can't
guarantee which server a user will
request an application from.
– With out-of-process mode, you get the
performance of reading from memory
and the reliability of a separate process
that manages the state for all servers.
14. Performance and Reliability
Considerations
• SQL Server
– This mode is best used when the
reliability of the data is fundamental to
the stability of the application, as the
database can be clustered for failure
scenarios.
– The performance isn't as fast as out of
process, but the tradeoff is the higher
level of reliability.
15. What is a Cookie?
A cookie is a small bit of text that accompanies
requests and pages as they go between the
web server and browser.
It contains information the web application can
read whenever the user visits the site.
16. Background
• For example, if a user requests a
page from your site and your
application sends not just a page, but
also a cookie containing the date and
time, when the user's browser gets
the page, the browser also gets the
cookie, which it stores in a folder on
the user's hard disk.
17. Background
• Later, if the user requests a page from
your site again, when the user enters
the URL, the browser looks on the
local hard disk for a cookie
associated with the URL.
• If the cookie exists, the browser
sends the cookie to your site along
with the page request.
18. Background
• Your application can then determine
the date and time that the user last
visited the site.
• You might use the information to
display a message to the user or
check an expiration date.
19. Background
• Cookies are associated with a Web
site, not with a specific page, so the
browser and server will exchange
cookie information no matter what
page the user requests from your
site.
• As the user visits different sites, each
site might send a cookie to the user's
browser as well; the browser stores
all the cookies separately.
20. Usage
• Cookies are used for many purposes,
all relating to helping the Web site
remember users
• For example, a site conducting a poll
might use a cookie simply as a
Boolean value to indicate whether a
user's browser has already
participated in voting so that the user
cannot vote twice.
21. Usage
• A site that asks a user to log on might
use a cookie to record that the user
already logged on so that the user
does not have to keep entering
credentials.
22. Limitations
• Most browsers support cookies of up
to 4096 bytes.
– Because of this small limit, cookies are
best used to store small amounts of
data
• Browsers also impose limitations on
how many cookies your site can store
on the user's computer
• Users can set their browser to refuse
cookies