Multiple Servers / Persistence of variables / ASP.NET

Heres the scenario .... I have an existing application written in standard ASP, this app runs across two different servers which are "fed" by a load balancer on a "round robin" basis. I had problems with the existing app whereby I couldnt use cookies / session variables as once the user is passed to the other server the cookie / session variable is no longer valid. Therefore I had to use a combination of hidden fields / passing user info in querystrings. This is very very messy !!

I have started to re-write in .NET (ASP/VB) and would like to know if there is a smarter way to get around this issue .... for example .. if all my redirects to other pages are within the "code behind" section will the request actually hit the load balancer and go to the other box ... therefore as long as page navigation was done in the "code behind" the user would stay on the first server they actually logged into rather than bouncing between the two ?!?!?

I've only recently started developing in .NET so please be gentle with me in your responses :-) But as this is a fundamental part / problem in the code its something I need to know from the outset rather than having to go back and rewrite later when (and if) I'm a bit more savvy :-) I've got an itch to get going on this hence the high points !

Thanks in advance

Who is Participating?
esandlerConnect With a Mentor Commented:
In ASP.NET you have two options:

1) Save the session state on a dedicated computer.
2) Save the session state inside an SQL server.

In both options all the variables you save in the Session State must be serializable, which means you can't save COM objects in the session state.

Both options are configurable in the web.config file in the sessionState section.

You have an option of saving all the data in the ViewState of the client, but that will cause the data to be sent everytime from the client to the server, similar to what you have now in a speicialized hidden field. This is not very recommend since the first two options are better.

You also have an option if you have a smart load balancer to perform load balancing but to direct a certain session to the same server which created it. This way its not a full load balancing, but if you got 100 users 50 will go to one server and 50 will go to the other and the load balancing will be done according to a session base and not per request.

This option is also applicable to your current ASP application.

Hope it helps.
Hi robert_f,

Although I know you're wanting to field opinions re: .net, have you tried cookies? ...or do those not travel between the 2 servers either?

robert_fAuthor Commented:

I will bow to your expertise :-) .... if you could drop it into the .NET topic area that would be good


I believe I read somewhere that cookies didnt "travel well", also it would be holding things like user id's, e.g. ADMIN1 , ADMIN2 etc ..... I wouldnt want anyone getting clever and trying to find out what would happen if they changed it to ADMIN3 or something. I would prefer the session approach as nothing ends up on the users machine but it is something to think about and would still be better than the existing method of passing ID's thru the querystring etc as I'm having to encrypt all the variables before populating the string and then decrypt them again at the other end for use.


I'm going to drop a line to our hosting company about using the load balancer to direct the sessions as that would solve the problem fairly easily ... I'll let you know (and allocate the points :-)) if its possible ... however could you clarify what you mean by   "Save the session state on a dedicated computer" ..... ?

Thanks all

robert_fAuthor Commented:
Ah ha !!


I think I've partially  answered my last question .... in the web config file where you have :

sqlConnectionString="data source=;Trusted_Connection=yes;"

Can you just set the stateConnectionString to the machine you want to store the sessions on ?? e.g. on both web boxes set this to and likewise for SQL ? If they are stored in SQL I assume you need to create a Db to hold them and point the connection string at it ? Would you then also need to remove the "storage type" your not using (i.e. if I'm using SQL remove the stateConnectionStringLine)  ? ...... and finally .... if this is the case do you know of any performance benefit from using either one ?


ihenryConnect With a Mentor Commented:
>> Can you just set the stateConnectionString to the machine you want to store the sessions on
Yes you can, for example:
sqlConnectionString="data source=MySQLServer;user id=<username>;password=<strongpassword>"

>> If they are stored in SQL I assume you need to create a Db to hold them and point the connection string at it ?
You have two options here, by default .NET framework comes with four installation sql scripts,
1. InstallSqlState.sql and UninstallSqlState.sql, to create the table in tempdb database
2. InstallPersistSqlState.sql and UninstallPersistSqlState.sql, which create a dedicated database.

More information:
1. HOW TO: Configure SQL Server to Store ASP.NET Session State
2. HOW TO: Configure ASP.NET for Persistent SQL Server Session State Management;EN-US;311209
3. ASP.NET Session State
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.