Not Using Session in ASP.NET means Session Affinity/Sticky Sessions Not Necessary in Web Farms!

So, I’ve always incorrectly thought that somehow, the cookie stored in asp.net was somehow tied to the Session provider in asp.net.  Turns out I’m wrong.  This came up because I was discussing with another engineer whether we need to bother with a Session provider since we do not use Session in our web application.  That is, we don’t ever store information by saying something like:

Session[“MyKey1”] = “MyShoppingCartInfo1”;

My assumption was that somehow, the Cookie planted on the client’s browser was in lock step with the IIS server through Session and that even if we did not store Session data, we still had to hook up a Session Provider.  Wrong I am.

I emailed Stefan Schackow, a Microsoft employee who is an expert on all things secure around IIS and ASP.NET and he assured me of this fact.  In fact, I’m going to quote (with his permission) what he told me.

If your app doesn’t use Session anywhere then it doesn’t matter.  We don’t internally rely on session state for anything.  You could literally pull the SessionStateModule out of the configured httpModules list and it would have no effect.

This is a point of confusion for developers because the term “session” is overloaded.  For some of the EJB platforms “session” implies things like authenticated sessions.  But for ASP.NET session is just a bag of data – if your application doesn’t use it, you can completely ignore the feature.

I hope this helps you if you were misguided like I was.

About Peter Kellner

Peter is a software professional specializing in mobile and web technologies. He has also been a Microsoft MVP for the past 7 years. To read more about Peter Kellner and his experience click here. For information about how Peter Kellner might be able to help you with your project click here.

Follow me:


Comments

  1. Celexa Over The Counter Medicines http://www.firefoxdownloads.net/ – order doxycycline It is also used in treating chronic prostatis, chlamydia, sinusitis, syphilis and pelvic inflammatory disease. http://www.firefoxdownloads.net/ – order doxycycline

  2. The style of writing is very familiar to me. Have you written guest posts for other bloggers?
    p.s. Year One is already on the Internet and you can watch it for free.

Your Comments

*

Protected with IP Blacklist CloudIP Blacklist Cloud

Follow

Get every new post delivered to your Inbox

Join other followers: