Session state is used to maintain data for an individual user for the duration of their interaction with a web site. Our application used an “InProc” session, which maintained state in memory. This made development painful because a recompile forced a new login to the web site. We changed to an “SQLServer” session which solved the login problem; you can just carry on where you are after a recompile. Asp.net, Session State, web.config, Sql Server.
Session State is defined in the web.config file:
<configuration> <system.web> <sessionState mode="InProc"/>
- InProc: stores session state in memory on the Web server. (Default).
- StateServer: stores session state in a separate process called the ASP.NET state service. This preserves state if the Web application is restarted and also works in a server farm model.
- SQLServer: State is preserved in Sql Server.
To configure SQLServer mode:
- In web.config:
<sessionState mode="SQLServer" sqlConnectionString="Data Source=(local);Integrated Security=SSPI;"/>
- From a VS Cmd Line, create a database ‘ASPState’ for storing the data:
aspnet_regsql.exe -S (local) -E -ssadd -sstype p
- In Sql Server:
- Add login NT AUTHORITY\NETWORK SERVICE
- Give this user mapping to the ASPState database
- And add roles db_owner, public
I’m using the IIS 6 web server. The asp.net process, w3wp.exe, by default runs as NETWORK SERVICE. On IIS 5, the ASP.NET worker process, Aspnet_wp.exe, runs as the ASPNET account by default. So in the steps above, if you’re using IIS 5, you will have to tweak the database login.