Why should I not use HTTPContext Session State in my ASP .Net MVC applications?

Hi:

I recall reading a couple of places that folks are discouraging the use of HTTPContext.Current.Session state in ASP .Net web applications.

Can someone explain some of the reasoning behind this recent trend?
Are there solid technical reasons for this?

Thanks,
JohnB
LVL 1
jxbmaSoftware ConsultantAsked:
Who is Participating?
 
Snarf0001Connect With a Mentor Commented:
There's a few reasons for it.

Main concern, is it's often really badly misused, where people are storing large objects (datatables etc) in the session.  For every user that goes to the site, all of the objects stored in their session are stored on the servers memory, so when misused, can quickly crash a system and cause a lot of bloat.

One of the other main concerns is in server farms / load balanced environments.
Where you can't be guaranteed that the server that served Page A, is going to be the same server that give the user Page B, hence the session won't have the same values.  There are some environments that provide "session persistence", where it will tie in a unique user to the same server for every request, but there are a lot more environments that don't.

If you don't have a load balancer / farm, then your main concern is misuse and server memory overhead.
0
 
Carl TawnSystems and Integration DeveloperCommented:
Are you sure they were referring to MVC and not MVC Web API? Not using session for Web API makes sense, but for a standard web application I don't see any real reason not to use session state.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.