I have to store data of thousand of records in a data table and maintained on postback. Which option is suitable for me viewstate(which i used) or session. When i used viewstate it will created hidden field for storing it and slow down the page loading. So is there any overhead (server side memory consumption and delay in the responses) in storing it in session. Please suggest me the solution
For large amounts of data, Session is way more efficient. If you can detect when the user is done with a particular block of data, set the Session variable to null, to help memory overhead. You can't always do this, but the Session will eventually expire and the memory will be reclaimed then. Lowering the Session timeout can help some, but don't set it too small, you don't want to cut off your users. Session needs to be enabled in your Web.config file.
Here's the basic guidelines for Session vs. ViewState:
ViewState: The binary data structure of the ViewState is Base64 encoded to be placed into the page, which means it is 1.3333 times (8/6) the size of the original binary data. This data is uploaded and downloaded for each page view. So if you have a lot in the ViewState it impacts page response times. Base64 encoding is probably highly optimized, so that's not a performance hit. Each page request will allocate, then free up, the space for the ViewState, so it's not a long term memory hit. Since the data is in the page, it doesn't expire.
Session: All of the data in the Session is preserved in the web server between page loads. This keeps the page small, it only has to carry the Session identifier. On the down side, any memory used to store data in the Session stays allocated until the Session expires. I've wondered if the Session copies binary data or just keeps a pointer. Like Base64 encoding, this can be highly optimized, so if it happens it is not a performance hit. The Session may expire, if the user waits too long between page views. If the session expires, it should return the user back to some known state in the web page.
One other issue here, if you're storing information in the Session, the session id may be shared among multiple tabs in the client browser. You have to be careful how you're using the data stored in the Session. Make sure you test for this so your users don't get unexpected results.
(Note: Using ViewState is RESTful, Session is not.)
Related
After a user has initially established session with ASP.NET, with each subsequent HTTP request how much of StateServer session objects are immediately and automatically fetched and deserialized? For example:
Are ALL session objects fetched the moment the request is received and session re-established, or...
After session is re-established are session objects fetched and deserialized individually as each request to HttpContext.Session["..."] is made?
The answer has a HUGE impact on how I can use session. For example, if I have pre-fetched a significant amount of user data into session, and the StateServer session is completely deserialized upon each HTTP request, then I will experience a noticeable performance hit. If however the pre-fetched user data is only deserialized when I request specific session keys, then for me there is no worry.
UPDATE
After marking an answer to this question, I discovered that ASP.NET with AppFabric Server 1.1 has an option to have session restored on-demand rather than all-at-once. This is controlled by useBlobMode in your web.config.
Session loads all of the user Session information when the page is first loaded. It then persists the users Session information back to the store after the page is done processing.
You can get a better understanding via MSDN on custom state store implementations.
This is a major reason that you're supposed to use Session as rarely as possible because it is expensive to deal with (both in the transporting to and from the data store and the holding of the data in memory for the lifetime of the page request).
Which one more costilier View State or Session when a bulk data is stored. Why?
Depends on your point of view and usage, but generally session is cheaper all around.
For the client, session is nearly free. It only has to deal with keeping up with a session cookie (or the session id via the url if you configured for cookieless sessions). Viewstate pushes all the data to the client, in the text of the page source.
For the server, session and viewstate both have a cost. viewstate has to be serialized and deserialized and moved across the wire. Session is stored in memory (unless configured otherwise) but doesn't have to be manipulated. So session uses more storage in memory over a longer period of time, viewstate creates temporary memory use and higher cpu hits. So it depends on how much data, how often the client is communicating with the server, and which resources you want to conserve... though in general, with bulk data, session would win hands-down in almost all practical cases.
ViewState will cost bandwidth and make your pages heftier while the Session will cost memory on the server or some other server if out-of-proc is used.
In our application, we have a "BasePage" that declares a number of properties to be used by more or less every page in the app.
Inside these properties, they write to ViewState. These are all typically an int or small string value, nothing huge. Typical use is call a web service and hold an id for use within the page, for example.
I've used viewstate since I'm wary of the loss of session variables should IIS recycle for example. Also, I figured, very small values would not add hugely to the page size.
Am I being overly paranoid about session though and would it have been a better option.
Our environment is a 2 server cluster with SSL termination on each server, sticky sessions maintained by the load balancer - so using In Proc is not a problem per say, I'm just very wary of it.
Never trust your user sent data.
Even all data you receive is not sensitive, if you send it to your user browser, you should to check it again before use it. Maybe most users are legitimate, but just one can break your application.
What are your options to store data?
Hidden field; can ve easily tampered at client side
Cookie; ancient method to keep user specific data, but very size limited.
ViewState; your data go to client and come back, using bandwidth and could be tampered.
Session, InProc; your never have problems, until a application pool get recycled
Session, State server; you keep your session data in another server process.
Session, database; can work with almost (if not all) load balance scenarios, as you dont need stick sessions, nor to worry with app pools recycling. All your data are belong to us your SQL Server.
Reading your scenario, you probably need to deal with out-of-process session storage.
I think it's best to avoid using Session state where possible, especially on a server cluster even if you are using sticky sessions. Sessions can expire, or disappear when IIS recycles (like you said).
I'd go with keeping the values in ViewState or a cookie.
If it is not sensitive data, I would also prefer to store it in the HTML rather than the session.
I'm trying to understand when I can put certain objects into a users session and am wondering how the session is stored and values retrieved from it. If I make a request to pull Key A from the session state will it also read Key B?
I know that viewstate is stored as one big object andn I am going ot assume that it is then accessed from my code once it's been entireely loaded. Is this similar for session state data or does it only load the keys that are requested form the server.
So if my state is 20KB and I want to get a value that's 5KB from it will it read all 20KB or just the 5KB that I need?
By default, session state is stored in memory until the session expires (a period of inactivity from a given user). The view state is not stored at all between requests, but is actually sent to the page as a hidden form field. This data is sent back to the server on subsequent requests.
To answer your question, the default behavior is that the entire session is ALREADY loaded so whether or not you actually access it, it is there and in memory.
There are several options for managing this however, and you can find an excellent reference here:
http://msdn.microsoft.com/en-us/library/z1hkazw7.aspx
By default, a users session is stored in memory. You could configure it to be stored in the database, but it is serialized, and read out completely when re-instantiated.
So yes, if you have 20KB worth of data in your users session, it will always use 20KB of memory.
Please anyone explain me the difference between ViewState,Application and Session of a Page ?
Quick one liners - if you want more detail, just ask
ViewState is the variable that holds the current state of the page, which is held in a hidden field in the page (used frequently)
ApplicationState is a variable you can store values in during the life off the application (may get cycled periodically, and without your knowledge) (used less-frequently)
Session is the variable you can write to that will persist from the moment they hit your site until they close the browser. (barring any timeouts). (used frequently)
A great article :
How to Choose From Viewstate, Session, Application, Cache, and Cookies
Some good discussion about the difference between Session and Viewstate : Session Vs ViewState
Session state is saved on the server.
Session state is usually cleared after a period of inactivity from the user.
Can be persisted in memory, which makes it a fast solution. Which means state cannot be shared in the Web Farm/Web Garden.
Can be persisted in a Database, useful for Web Farms / Web Gardens.
Is Cleared when the session dies - usually after 20min of inactivity.
ViewState is saved in the page.
The view state is posted on subsequent post back in a hidden field.
Is sent back and forth between the server and client, taking up bandwidth.
Has no expiration date.
Is useful in a Web Farm / Web Garden
SESSION Variables are stored on the server, can hold any type of data including references, they are similar to global variables in a windows application and use HTTP cookies to store a key with which to locate user's session variables.
VIEWSTATE Variables are stored in the browser (not as cookies) but in a hidden field in the browser. Also Viewstate can hold only string data or serializable objects.
When we use view state to design a web application it retains it's state consistently, in it's current position. If we use session then it does not retain it's state, so when we refresh the browser it starts from the initial page.