1 / 32

Session Management in ASP.NET

Session Management in ASP.NET. IT533 Lectures. Session Tracking . Personalization Personalization makes it possible for e-businesses to communicate effectively with their customers.

patsy
Télécharger la présentation

Session Management in ASP.NET

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Session Managementin ASP.NET IT533 Lectures

  2. Session Tracking Personalization • Personalization makes it possible for e-businesses to communicate effectively with their customers. • Online shopping sites often store personal information for customers, tailoring notifications and special offers to their interests. Privacy • A trade-off exists, however, between personalized e-business service and protection of privacy. • Some consumers fear the possible adverse consequences if the info they provide to e-businesses is released or collected by tracking technologies.

  3. Session Tracking Recognizing Clients • To provide personalized services to consumers, e-businesses must be able to recognize clients when they request information from a site. • HTTP is a stateless protocol—it does not support persistent connections that would enable web servers to maintain state information between requests. • Tracking individual clients, known as session tracking, can be achieved in a number of ways. • Using cookies. • Using ASP.NET’s HttpSessionState object. • Using “hidden” form elements. • Embedding session-tracking information directly in URLs.

  4. Session Tracking - Cookies • Cookies are pieces of data stored in a small text file on the user’s computer. • A cookie maintains information about the client during and between browser sessions. • Every HTTP-based interaction between a client and a server includes a header containing information about the request or response. • When a web server receives a request, the header includes any cookies that have been stored on the client machine by that server. • When the server formulates its response, the header contains any cookies the server wants to store on the client computer.

  5. Session Tracking - Cookies • The expiration date of a cookie determines how long the cookie remains on the client’s computer. • If no expiration date is set, web browser maintains the cookie for the duration of the browsing session. • Otherwise, the web browser maintains the cookie until the expiration date occurs. • Cookies are deleted when they expire. Portability Tip Users may disable cookies in their web browsers to help ensure their privacy. Such users will experience difficulty using web applications that depend on cookies to maintain state information.

  6. Example using Cookies • Create Options.aspx file with: • A Label "Select a programming language:" • 5 radio buttons with the values Visual Basic 2008, Visual C# 2008, C, C++, and Java. • A Submit button • A Hyperlink that navigates to "~/Options.aspx“ • A Hyperlink that navigates to "~/Recommendations.aspx“

  7. Outline Writing Cookies in a Code-Behind File • The code-behind file for Options.aspx. Options.aspx.cs (1 of 3 ) For adding new entries, class Dictionary provides method Add, which takes a key and a value as arguments. Figure. |Code-behind file that writes a cookie tothe client. (Part 1 of 3.)

  8. Outline Options.aspx.cs (2 of 3 ) For adding new entries, class Dictionary provides method Add, which takes a key and a value as arguments. Fig. |Code-behind file that writes a cookie tothe client. (Part 2 of 3.)

  9. Outline Options.aspx.cs (3 of 3 ) Create an HttpCookie object, passing a name and a value as arguments. Add the HttpCookie to the Cookies collection sent as part of the HTTP response header. Fig. |Code-behind file that writes a cookie tothe client. (Part 3 of 3.)

  10. Session Tracking • This code writes a cookie to the client machine when the user selects a programming language. • A Dictionary is a data structure that stores key/value pairs. • For adding new entries, class Dictionary provides method Add, which takes a key and a value as arguments. • The expression dictionaryName[ keyName ] returns the value corresponding to key keyName. • Create an HttpCookie object, passing a name and a value as arguments. • Add the HttpCookie to the Cookies collection sent as part of the HTTP response header.

  11. Example using Cookies • Create Recommendations.aspx file with: • Add a Label “Recommendations“ • Add a Listbox • Add a Hyperlink that goes back to Options.aspx.

  12. Outline Code-Behind File That Creates Book Recommendations From Cookies Recommendations.aspx.cs (1 of 2 ) Retrieve the cookies from the client using the Request object’s Cookies property. Fig. |Reading cookies from a client to determine book recommendations. (Part 1 of 2.)

  13. Outline Recommendations.aspx.cs (2 of 2 ) Use the Name and Value properties of an HttpCookie to access its data. Fig. |Reading cookies from a client to determine book recommendations. (Part 2 of 2.)

  14. Session Tracking • Retrieve the cookies from the client using the Request object’s Cookies property. • This returns an HttpCookieCollection containing cookies that were previously writtento the client. • Cookies can be read by an application only if they were created in the domain in which the applicationis running. • Use the Name and Value properties of an HttpCookie to access its data.

  15. Session Tracking • Some commonly used HttpCookie properties: Fig. |HttpCookie properties. (Part 1 of 2.)

  16.  Session Tracking Fig. |HttpCookie properties. (Part 2 of 2.)

  17. Session • What is a session? • Context in which a user communicates with a server over multiple HTTP requests • Within the scope of an ASP.NET Application • HTTP is a stateless, sessionless protocol • ASP.NET adds the concept of “session” • Session identifier: 120 bit ASCII string • Session variables: store data across multiple requests

  18. Example for Session • Let’s modify the Cookies example to use Session • Use HttpSessionState instead of Cookies

  19. Outline a) b) Options.aspx (4 of 4 ) c) d) Fig. 22.29|ASPX file that presents a list of programminglanguages. (Part 4 of 4.)

  20. Session Tracking • We keep the EnableSessionState property’s default setting—True. • Every Web Form includes an HttpSessionState object, which is accessible through property Session of class Page. • When the web page is requested, an HttpSessionState object is created and assigned to the Page’s Session property. • A distinct HttpSessionState resides on the server, whereas a cookie is stored on the user’s client. • Like a cookie, an HttpSessionState object can store name/value pairs. • The name/value pairs stored in a Session object are often referred to as session items.

  21. Adding Session Items Outline Options.aspx.cs (1 of 3 ) Fig. |Creates a session item for each programming language selected by the user on the ASPX page. (Part 1 of 3.)

  22. Outline Options.aspx.cs (2 of 3 ) Fig. |Creates a session item for each programming language selected by the user on the ASPX page. (Part 2 of 3.)

  23. Outline Options.aspx.cs (3 of 3 ) Call Add to place a session item in the HttpSessionState object. Property SessionID contains the unique session ID, which identifies each unique client. Property Timeout specifies the amount of time that an HttpSessionState object can be inactive before it is discarded. Fig. |Creates a session item for each programming language selected by the user on the ASPX page. (Part 3 of 3.)

  24. Session Tracking • Call Add to place a session item in the HttpSessionState object. • If you add an attribute that has the same name as an attribute previously stored in a session, the object associated with that attribute is replaced. • Another common syntax for placing a session item inthe HttpSessionState object is Session[name]=value.

  25. Session Tracking • Property SessionID contains the unique session ID, which identifies each unique client. • Property Timeout specifies the amount of time that an HttpSessionState object can be inactive before it is discarded. • By default, a session times out after twenty minutes.

  26. Session Identifier • By default, session id is stored in a cookie • Can optionally track session id in URL • New in ASP.NET • Requires no code changes to app • All relative links continue to work • <configuration> • <sessionstate cookieless=“true”/> • </configuration>

  27. Session Tracking • Some common HttpSessionState properties:

  28. Outline Code-Behind File That Creates Book Recommendations from a Session Recommendations.aspx.cs (1 of 2 ) Use the Session object’s Count property to determine if the user has selected any languages. The Keys property of class HttpSessionState returns a collection containing all the keys in the session. Fig. |Session data used to provide book recommendationsto the user. (Part 1 of 2.)

  29. Outline Recommendations.aspx.cs (2 of 2 ) The value in a key/value pair is retrieved from the Session object by indexing the Session object with the key name. Fig. |Session data used to provide book recommendationsto the user. (Part 2 of 2.)

  30. Session Tracking • The Keys property of class HttpSessionState returns a collection containing all the keys in the session. • The value in a key/value pair is retrieved from the Session object by indexing the Session object with the key name.

  31. Session Variables • ASP stores session state in IIS process • State is lost if IIS crashes • Can’t use session state across machines • ASP.NET stores session state: • In another process: ASP State NT service • In SQL Server database

  32. Session Variables • “Live” objects are are not stored in session state • Instead, ASP.NET serializes objects out between requests • ASP.NET approach provides: • Ability to recover from application crashes • Ability to recover from IIS crash/restart • Can partition an application across multiple processes (called a Web Garden) • Can partition an application across multiple machines (called a Web Farm)

More Related