When should I consider to use SessionState to keep my variable values?

Question

Is is possible to say something like

"If you have those situations then SessionState is a must to use for storing your values between postbacks."

Can you list me the basic reasons which forces an asp.net developer to switch SessionState from ViewState or HiddenFields or querystrings?

thanks

Answer 1

• Sometimes it saves some effort when you have a user-specific object that will travel as it is while user navigation over more than two pages.

• When the user data is sensitive you cannot use client techniques to save it and if you encrypted it you will get into performance problems by encrypting and decrypting the data every time you work on especially in large systems when the aspx page have thousands of code lines(the performance is bad enough to hit)

Answer 2

Session state is used whenever you want to keep information

• per user
• on the server

The on the server part is for security reasons. You don't want to pass around information which is security prone to the browser in viewstate, hiddenfields or a querystring. These 3 can be read easily.

Also make sure not to put too much information in Session state or when you do then reconsider using an out of process approach like using state manager or sql server.