passing values between web forms usign session variables

[Rocio]

any comments on this? I always use session variables to pass values
among web forms. That is if I get a username, password in a Login
form, then I pass these to the subsequent Search form as session
variables. The search form needs to know who login to display the
appropriate data.........is this the most efficient way of doing this?

 

[Eric Marvets]

There is a trade off between scalability and session data. As a general
rule, the more data you persist per user, the less scalable the application
will be.

If you don't expect a high amount of traffic, then using session to pass
data back and forth between pages is very simple to use. If you want a
highly scalable application, I would explore other options, that would
require more coding and higher response times for a single user request
(remember, scalability is the ability to handle higher volumes without a
noticeable difference in performance).

You could:
Look at processing most of the data on a single page and leverage Viewstate.
Save only an ID in session and store the values in a session database
(something ASP.NET supports out of the box)
If you pass data in session, release it as soon as possible.


--
Eric Marvets
Principal Consultant

the bang project

<shameless self promotion>

Email (e-mail address removed) for Information on Our Architecture and
Mentoring Services

</shameless self promotion>

 

[Svein Terje Gaup]

Storing data per session also might potentially leave you open to a DoS
attack, because someone could open lots of sessions that each would require
a certain amount of memory. Your server might soon be starving for memory.
If you are using a lot of session, at least you should only allocate it for
logged on users.

Sincerely
Svein Terje Gaup