Session FAQ's

Q: What is Session?


  • Session is small block of memory maintained by website at server system
  • For every user separate sesion will be maintained
  • Each sesion can be tracked by using sessionid

Q: What is the length of sessionId?

Ans: 120bit encrypted string

Q: What type of data can be stored in the Session?

Ans: Any type of data can be stored.

Q: How much amount of data can be stored in Session?

Ans: Any amount of data can be stored.

Q: What is default location for Session?

  • In appDomain of website which  is part process memory of worker process
  • For each website separate appDomain will be maintained

Q: In page how can we access session data?

Ans: By using Session collection.

Q: What is default timeout for Session?

Ans: 20mins

Q: How to transfer sessionid between client and server?

Ans:  sessionid can be transmitted in two ways

  1. by using cookie:sessionid will be transmitted by using a cookie called aspnet_sessionid.

Disadvantage: If browser does not support cookies or user has disabled the cookies then it is not possible to hold sessionid

  1. Modified URL:the sessionid will be attached to url of website,then it is called as modified url or munged URL

Q: How to configure Session for application?

Ans: By using SessionState element in Web.config

  <sessionState mode="InProc" timeout="20" cookieless="false"/>

Q: When Session will be destroyed?


  • When ever session timeout period has been expired.
  • When ever webserver has been restarted or web.config file content has been modified.
  • Session can be destroyed intensionally by invoking Session.Abandon().

Q: If user closes browser window, then is session of user is get destroyed or not?


  • No, session memory is not destroyed. But user can not access session data. Once browser has been closed we are loosing sessionid so that session can not be accessed.
  • Session memory will be destroyed once session timeout period has been expired.

Q: What are the events associated with Session?


  1. Session_Start: It will be fired once session memory has been allocated
  2. Session_End: It will be fired before destroying  session memory by garbage collector

Both these event handlers are defined in global.asax file.

Q: What is the difference between Session.Clear() and Session.Abandon()?


Session.Clear() will clear all items of session,but session memory is not destroyed. So that Session_End event is not fired.
Session.Abandon() will destroy the complete session memory so that Sesion_End event will be fired.

Q: What are the different session modes?

Ans: There are 5 modes

  1. Off: It will disable sessionstate for complete website
  2. InProc: It is default mode. Session memory will be allocated in app domain of website.

Advantage: It gives better performance.


  • If trafic is more for website, session may not be maintained for specified timeout period.
  • To allocate memory for new session older sessions will be destroyed automatically
  1. StateServer: Stateserver is windows service. Some of sessions with simple data can be moved to state server.

Disadvantage: Only session with value types can be stored, but not reference types.

  1. SqlServer: A session with any type of data can be stored in SqlServer TempDb tables temporary for longer time, but they will be losted once sqlserver has been restarted


  • Extra burdan of serialization and deserialization.
  • It gives nearly 25% less performance as compared to InProc mode.
  1. Custom: We can maintain session any type of data permanently by creating our own tables and database in sqlserver.


  • Extra burdan of serialization and deserialization.
  • It gives nearly 25% less performance as compared to InProc mode.

Q: Where can we use sesssion data in our website?

Ans: In any webpage for same user.

Q: Is it possible to use session of website in asp website? 

Ans: Yes, it is posible.

Q: How to disable sesion state for a particular page?

Ans: Goto source of .aspx, then add EnableSessionState in Page directive as shown below:

<% Page language="cs" EnableSessionState="false" %>