[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Multiple Servers / Persistence of variables / ASP.NET

Posted on 2004-04-18
Medium Priority
Last Modified: 2013-11-25
Heres the scenario .... I have an existing application written in standard ASP, this app runs across two different servers which are "fed" by a load balancer on a "round robin" basis. I had problems with the existing app whereby I couldnt use cookies / session variables as once the user is passed to the other server the cookie / session variable is no longer valid. Therefore I had to use a combination of hidden fields / passing user info in querystrings. This is very very messy !!

I have started to re-write in .NET (ASP/VB) and would like to know if there is a smarter way to get around this issue .... for example .. if all my redirects to other pages are within the "code behind" section will the request actually hit the load balancer and go to the other box ... therefore as long as page navigation was done in the "code behind" the user would stay on the first server they actually logged into rather than bouncing between the two ?!?!?

I've only recently started developing in .NET so please be gentle with me in your responses :-) But as this is a fundamental part / problem in the code its something I need to know from the outset rather than having to go back and rewrite later when (and if) I'm a bit more savvy :-) I've got an itch to get going on this hence the high points !

Thanks in advance

Question by:robert_f
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Accepted Solution

esandler earned 1000 total points
ID: 10853149
In ASP.NET you have two options:

1) Save the session state on a dedicated computer.
2) Save the session state inside an SQL server.

In both options all the variables you save in the Session State must be serializable, which means you can't save COM objects in the session state.

Both options are configurable in the web.config file in the sessionState section.

You have an option of saving all the data in the ViewState of the client, but that will cause the data to be sent everytime from the client to the server, similar to what you have now in a speicialized hidden field. This is not very recommend since the first two options are better.

You also have an option if you have a smart load balancer to perform load balancing but to direct a certain session to the same server which created it. This way its not a full load balancing, but if you got 100 users 50 will go to one server and 50 will go to the other and the load balancing will be done according to a session base and not per request.

This option is also applicable to your current ASP application.

Hope it helps.

Expert Comment

ID: 10854003
Hi robert_f,

Although I know you're wanting to field opinions re: .net, have you tried cookies? ...or do those not travel between the 2 servers either?


Author Comment

ID: 10854134

I will bow to your expertise :-) .... if you could drop it into the .NET topic area that would be good


I believe I read somewhere that cookies didnt "travel well", also it would be holding things like user id's, e.g. ADMIN1 , ADMIN2 etc ..... I wouldnt want anyone getting clever and trying to find out what would happen if they changed it to ADMIN3 or something. I would prefer the session approach as nothing ends up on the users machine but it is something to think about and would still be better than the existing method of passing ID's thru the querystring etc as I'm having to encrypt all the variables before populating the string and then decrypt them again at the other end for use.


I'm going to drop a line to our hosting company about using the load balancer to direct the sessions as that would solve the problem fairly easily ... I'll let you know (and allocate the points :-)) if its possible ... however could you clarify what you mean by   "Save the session state on a dedicated computer" ..... ?

Thanks all


Author Comment

ID: 10857137
Ah ha !!


I think I've partially  answered my last question .... in the web config file where you have :

sqlConnectionString="data source=;Trusted_Connection=yes;"

Can you just set the stateConnectionString to the machine you want to store the sessions on ?? e.g. on both web boxes set this to and likewise for SQL ? If they are stored in SQL I assume you need to create a Db to hold them and point the connection string at it ? Would you then also need to remove the "storage type" your not using (i.e. if I'm using SQL remove the stateConnectionStringLine)  ? ...... and finally .... if this is the case do you know of any performance benefit from using either one ?


LVL 20

Assisted Solution

ihenry earned 1000 total points
ID: 10937337
>> Can you just set the stateConnectionString to the machine you want to store the sessions on
Yes you can, for example:
sqlConnectionString="data source=MySQLServer;user id=<username>;password=<strongpassword>"

>> If they are stored in SQL I assume you need to create a Db to hold them and point the connection string at it ?
You have two options here, by default .NET framework comes with four installation sql scripts,
1. InstallSqlState.sql and UninstallSqlState.sql, to create the table in tempdb database
2. InstallPersistSqlState.sql and UninstallPersistSqlState.sql, which create a dedicated database.

More information:
1. HOW TO: Configure SQL Server to Store ASP.NET Session State
2. HOW TO: Configure ASP.NET for Persistent SQL Server Session State Management
3. ASP.NET Session State

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my previous two articles we discussed Binary Serialization (http://www.experts-exchange.com/A_4362.html) and XML Serialization (http://www.experts-exchange.com/A_4425.html). In this article we will try to know more about SOAP (Simple Object Acces…
Entering time in Microsoft Access can be difficult. An input mask often bothers users more than helping them and won't catch all typing errors. This article shows how to create a textbox for 24-hour time input with full validation politely catching …
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question