Session Mode - State Server

In previous post we see what Session is, how to use it and what are all Modes of storing Session’s.

Now, we will see How to use State Server to store ASP.Net Session.

When you enable State Server Session state, Session state information is stored in a separate Windows NT Service. The Windows NT Service can be located on the same server as your web server, or it can be located on another server in your network.

If you store Session state in the memory of a separate Windows NT Service, then Session state information survives even when your ASP.NET application doesn't. For example, if your ASP.NET application crashes, then your Session state information is not lost because it is stored in a separate process.

Furthermore, you can create a web farm when you store state information by using a Windows NT Service. You can designate one server in your network as your state server. All the web servers in your web farm can use the central state server to store Session state.

You must complete the following two steps to use State Server Session state:

• Start the ASP.NET State Service.
• Configure your application to use the ASP.NET State Service.

You can start the ASP.NET State Service by opening the Services applet located at Start, Control Panel, Administrative Tools (see below image). After you open the Services applet, double-click the ASP.NET State Service and click Start to run the service. You also should change the Startup type of the service to the value Automatic so that the service starts automatically every time that you reboot your machine.

If you want to run the ASP.NET State Service on a separate server on your network, then you must edit a Registry setting on the server that hosts the ASP.NET State Service. By default, the ASP.NET State Service does not accept remote connections. To allow remote connections, execute RegEdit from a command prompt and set the following Registry key to the value 1:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspnet_state\Parameters\AllowRemoteConnection

After you start the ASP.NET State Service, you need to configure your ASP.NET application to use it. The web configuration file in shown below enables State Server Session State.

version="1.0"?>

<configuration>

<system.web>

mode="StateServer"

stateConnectionString="tcpip=localhost:42424"

stateNetworkTimeout="10" />

<machineKey

decryption="AES"

validation="SHA1"

decryptionKey="306C1FA852AB3B0115150DD8BA30821CDFD125538A0C606DACA53DBB3C3E0AD2"

validationKey="61A8E04A146AFFAB81B6AD19654F99EA7370807F18F5002725DAB98B8EFD19C7113

37E26948E26D1D174B159973EA0BE8CC9CAA6AAF513BF84E44B2247792265" />

system.web>

The web configuration file modifies three attributes of the sessionState element. First, the mode attribute is set to the value StateServer. Next, the stateConnectionString attribute is used to specify the location of the ASP.NET State Server. In above file, a connection is created to the local server on port 42424. Finally, the stateNetworkTimeout attribute is used to specify a connection timeout in seconds.

Note: You can configure the ASP.NET State Server to use a different port by modifying the following Registry value:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspnet_state\Parameters\Port

You need to stop and restart the ASP.NET State Service with the Services applet after making this modification.

Notice that the web configuration above includes a machineKey element. If you are setting up a web farm, and you need to use the same State Server to store Session state for multiple servers, then you are required to specify explicit encryption and validation keys. On the other hand, you don't need to include a machineKey element when the ASP.NET State Server is hosted on the same machine as your ASP.NET application.

Warning: Don't use the web configuration without modifying the values of both the decryptionKey and validationKey attributes. Those values must be secret.

After you complete these configuration steps, Session state information is stored in the ASP.NET State Server automatically. You don't need to modify any of your application code when you switch to out-of-process Session state.

Thanks,

Paresh Bhole