I have inherited a very large ASP.NET app that needs to be modified to use a State Server instead of in-proc sessions. I need to track down all classes used in session throughout the app and then determine if they can be serialized. Are there any tools that can be used to analyze the code to determine the classes used in session?
In Visual Studio you could do a search with wildcard mapping and search for a pattern like Session[*=.
Another one would be to use the Immediate Window while debugging and requesting what's in the Session state after navigating your site. Not full proof but it can already help.
Another technique would be just to set session state to Sql Server or state manager mode (out of process), debug and see where it starts to complain if the objects cannot be serialized. In the same time you also tested your application again thoroughly.
You can easily get a quick "snapshot" of the current session objects using the following (C#) code:
BinaryFormatter b = new BinaryFormatter();
StringBuilder debug = new StringBuilder();
MemoryStream m;
foreach (String s in Session.Keys) {
// try to serialize the object
var obj = Session[s];
if (obj != null) {
m = new MemoryStream();
try {
b.Serialize(m, obj);
debug.AppendFormat("{0}: {1} bytes\n", s, m.Length);
}
catch (Exception ex) {
debug.AppendFormat("ERROR: {0}, Message: {1}\n", s, ex.Message);
}
}
}
Then display the "debug" string in your favorite text container.
This is helpful because simply switching to State Manager / SQL Server will indeed tell you what can't be serialized, but it will stop at the first non-serializable object. It also won't tell you which key "owns" that object.
Code adapted from this Stackoverflow answer.