Download presentation
Presentation is loading. Please wait.
Published byAdele Blair Modified over 9 years ago
1
IT533 Lectures Session Management in ASP.NET
2
Session Tracking 2 Personalization Personalization makes it possible for e-businesses to communicate effectively with their customers. Online shopping sites often store personal information for customers, tailoring notifications and special offers to their interests. Privacy A trade-off exists, however, between personalized e-business service and protection of privacy. Some consumers fear the possible adverse consequences if the info they provide to e-businesses is released or collected by tracking technologies.
3
Session Tracking 3 Recognizing Clients To provide personalized services to consumers, e-businesses must be able to recognize clients when they request information from a site. HTTP is a stateless protocol—it does not support persistent connections that would enable web servers to maintain state information between requests. Tracking individual clients, known as session tracking, can be achieved in a number of ways. Using cookies. Using ASP.NET’s HttpSessionState object. Using “ hidden ” form elements. Embedding session-tracking information directly in URLs.
4
Session Tracking - Cookies 4 Cookies are pieces of data stored in a small text file on the user’s computer. A cookie maintains information about the client during and between browser sessions. Every HTTP-based interaction between a client and a server includes a header containing information about the request or response. When a web server receives a request, the header includes any cookies that have been stored on the client machine by that server. When the server formulates its response, the header contains any cookies the server wants to store on the client computer.
5
Session Tracking - Cookies 5 The expiration date of a cookie determines how long the cookie remains on the client’s computer. If no expiration date is set, web browser maintains the cookie for the duration of the browsing session. Otherwise, the web browser maintains the cookie until the expiration date occurs. Cookies are deleted when they expire. Most browsers allow 20 cookies per server. The size of a cookie is not more than 4096 bytes or 4 KB. Portability Tip Users may disable cookies in their web browsers to help ensure their privacy. Such users will experience difficulty using web applications that depend on cookies to maintain state information.
6
Example using Cookies Create Options.aspx file with: 1. A Label "Select a programming language:" 2. 5 radio buttons with the values Visual Basic, Visual C#, C, C++, and Java. 3. A Submit button 4. A Hyperlink that navigates to "~/Options.aspx“ 5. A Hyperlink that navigates to "~/Recommendations.aspx“
7
7 Outline Options.aspx.cs (1 of 3 ) Writing Cookies in a Code-Behind File The code-behind file for Options.aspx. Figure. | Code-behind file that writes a cookie to the client. (Part 1 of 3.) For adding new entries, class Dictionary provides method Add, which takes a key and a value as arguments.
8
8 Outline Options.aspx.cs (2 of 3 ) Fig. | Code-behind file that writes a cookie to the client. (Part 2 of 3.) For adding new entries, class Dictionary provides method Add, which takes a key and a value as arguments.
9
9 Outline Options.aspx.cs (3 of 3 ) Fig. | Code-behind file that writes a cookie to the client. (Part 3 of 3.) Create an HttpCookie object, passing a name and a value as arguments. Add the HttpCookie to the Cookies collection sent as part of the HTTP response header.
10
Session Tracking 10 This code writes a cookie to the client machine when the user selects a programming language. A Dictionary is a data structure that stores key/value pairs. For adding new entries, class Dictionary provides method Add, which takes a key and a value as arguments. The expression dictionaryName[ keyName ] returns the value corresponding to key keyName. Create an HttpCookie object, passing a name and a value as arguments. Add the HttpCookie to the Cookies collection sent as part of the HTTP response header.
11
Example using Cookies Create Recommendations.aspx file with: 1. Add a Label “Recommendations“ 2. Add a Listbox 3. Add a Hyperlink that goes back to Options.aspx.
12
12 Outline Recommendations.aspx.cs (1 of 2 ) Code-Behind File That Creates Book Recommendations From Cookies Fig. | Reading cookies from a client to determine book recommendations. (Part 1 of 2.) Retrieve the cookies from the client using the Request object’s Cookies property.
13
13 Outline Recommendations.aspx.cs (2 of 2 ) Fig. | Reading cookies from a client to determine book recommendations. (Part 2 of 2.) Use the Name and Value properties of an HttpCookie to access its data.
14
Session Tracking 14 Retrieve the cookies from the client using the Request object’s Cookies property. This returns an HttpCookieCollection containing cookies that were previously written to the client. Cookies can be read by an application only if they were created in the domain in which the application is running. Use the Name and Value properties of an HttpCookie to access its data.
15
Session Tracking 15 Some commonly used HttpCookie properties: Fig. | HttpCookie properties. (Part 1 of 2.)
16
Session Tracking 16 Fig. | HttpCookie properties. (Part 2 of 2.)
17
Session What is a session? Context in which a user communicates with a server over multiple HTTP requests Within the scope of an ASP.NET Application HTTP is a stateless, sessionless protocol ASP.NET adds the concept of “session” Session identifier: 120 bit ASCII string Session variables: store data across multiple requests
18
Example for Session Let’s modify the Cookies example to use Session Use HttpSessionState instead of Cookies
19
19 Outline Options.aspx a)b) c)d)
20
Session Tracking 20 We keep the EnableSessionState property’s default setting— True. Every Web Form includes an HttpSessionState object, which is accessible through property Session of class Page. When the web page is requested, an HttpSessionState object is created and assigned to the Page ’s Session property. A distinct HttpSessionState resides on the server, whereas a cookie is stored on the user’s client. Like a cookie, an HttpSessionState object can store name/value pairs. The name/value pairs stored in a Session object are often referred to as session items.
21
21 Outline Options.aspx.cs (1 of 3 ) Adding Session Items Fig. | Creates a session item for each programming language selected by the user on the ASPX page. (Part 1 of 3.)
22
22 Outline Options.aspx.cs (2 of 3 ) Fig. | Creates a session item for each programming language selected by the user on the ASPX page. (Part 2 of 3.)
23
23 Outline Options.aspx.cs (3 of 3 ) Fig. | Creates a session item for each programming language selected by the user on the ASPX page. (Part 3 of 3.) Call Add to place a session item in the HttpSessionState object. Property SessionID contains the unique session ID, which identifies each unique client. Property Timeout specifies the amount of time that an HttpSessionState object can be inactive before it is discarded.
24
Session Tracking 24 Call Add to place a session item in the HttpSessionState object. If you add an attribute that has the same name as an attribute previously stored in a session, the object associated with that attribute is replaced. Another common syntax for placing a session item in the HttpSessionState object is Session[ name ] = value.
25
Session Tracking 25 Property SessionID contains the unique session ID, which identifies each unique client. Property Timeout specifies the amount of time that an HttpSessionState object can be inactive before it is discarded. By default, a session times out after twenty minutes.
26
Session Identifier By default, session id is stored in a cookie Can optionally track session id in URL Requires no code changes to app All relative links continue to work
27
Session Tracking 27 Some common HttpSessionState properties:
28
28 Outline Recommendations.aspx.cs (1 of 2 ) Code-Behind File That Creates Book Recommendations from a Session Fig. | Session data used to provide book recommendations to the user. (Part 1 of 2.) Use the Session object’s Count property to determine if the user has selected any languages. The Keys property of class HttpSessionSta te returns a collection containing all the keys in the session.
29
29 Outline Recommendations.aspx.cs (2 of 2 ) Fig. | Session data used to provide book recommendations to the user. (Part 2 of 2.) The value in a key/value pair is retrieved from the Session object by indexing the Session object with the key name.
30
Session Tracking 30 The Keys property of class HttpSessionState returns a collection containing all the keys in the session. The value in a key/value pair is retrieved from the Session object by indexing the Session object with the key name.
31
Session Variables ASP stores session state in IIS process State is lost if IIS crashes Can’t use session state across machines ASP.NET stores session state: In another process: ASP State NT service In SQL Server database
32
Session Variables “Live” objects are not stored in session state Instead, ASP.NET serializes objects out between requests ASP.NET approach provides: Ability to recover from application crashes Ability to recover from IIS crash/restart Can partition an application across multiple processes (called a Web Garden) Can partition an application across multiple machines (called a Web Farm)
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.