User + session handling with ASP.NET and mySQL solution

Question

Hey! I've been reading around the web about different alternatives to keeping track of users but I can't seem to find the "perfect" solution for my situation.

The app will (hopefully) be high-volume so I'd like to design with scalability in mind. It might be necessary to host the site using several web-servers so session mode InProc won't work, right? It's kept in memory of the current web-server and since the user might jump from web-server to web-server I can't be sure the session will be kept connected to the user.

Do I need to make a custom membership and role provider that works with mySQL to be able to use the .NETs standard user handling systems (like FormsAuthentication that can handle session stuff from what I've understood)?

Best practices are very welcome as well as empirical experiences of similar scenarios. (Of course any feedback is welcome really :) )

Answer 1

MySQL

Marvin Palmer has an article on Implementing .NET Membership and Roles using MySql.

Session

In terms of handling Session state, you're correct in your assumptions above. You can implement Sticky sessions to ensure that visitors are routed to the same web server. This might be an optimization before its time, though. Face those challenges when you get to them.

You can help yourself out by ensuring that you abstract away all your Session["foo"] calls right now into a static class. If you haven't already, make a static class whose job is solely to deal with setting/getting session values. Make a property for each key, and access them from your application as MySessionMgr.CustomerID;. When/if your session persistence mechanism changes, you only have to change it in that class.

In the future, you might consider Windows Server AppFabric (previously codenamed Velocity), Microsoft's multiple server shared session technology.