Explain the importance of managing session state in a Web application
Use the session state manager (the Session object)
Configure session state
Store session state on a state server
Store session state in a database
This chapter covers managing session state within your ASP.NET application. Programming Web applications requires you to be very mindful of how the state of your application is distributed at any moment. One of the most important types of state in a Web application is session state—the state associated with a single particular session. Because Web applications are distributed by nature, keeping track of any single client has to be done deliberately.
ASP.NET session state support is extensive, reliable, and flexible—offering many advantages over the session state support available in classic ASP. For starters, ASP.NET session state is handled by the Session object—an object dictionary that's automatically created with each new session (if you have session state enabled). The Session object is easily accessible through the HttpContext object, which you can reference at any point during the request. The process of associating user state with a particular user's session is handled automatically by ASP.NET. Whenever you want to access session state, you just grab it from the context (it's also mapped into a member variable living on the page). You may choose how ASP.NET tracks session state, and you may even tell ASP.NET where to store session state.
Let's begin with a look at how various pieces of state are managed by ASP.NET, and the gap filled by the session state manager.