Hi,
Is is possible to say something like
"If you have those situations then SessionState is a must to use for storing your values between postbacks."
Can you list me the basic reasons which forces an asp.net developer to switch SessionState from ViewState or HiddenFields or querystrings?
thanks
Session state is used whenever you want to keep information
The on the server part is for security reasons. You don't want to pass around information which is security prone to the browser in viewstate, hiddenfields or a querystring. These 3 can be read easily.
Also make sure not to put too much information in Session state or when you do then reconsider using an out of process approach like using state manager or sql server.
Sometimes it saves some effort when you have a user-specific object that will travel as it is while user navigation over more than two pages.
When the user data is sensitive you cannot use client techniques to save it and if you encrypted it you will get into performance problems by encrypting and decrypting the data every time you work on especially in large systems when the aspx page have thousands of code lines(the performance is bad enough to hit)
To add to the answers already received:
If you have data that is unique to one user, relatively expensive to get/create but doesn't require too much memory to store then you have a good candidate.
An example is data fetched from an expensive database query or data retrieved from a remote web service.
ViewState, Hidden fields and query strings should be used for small amounts of data that are not sensitive.
Allowing the user to enter data via the query string can be especially useful, since users can make bookmarks containing these data.