Wednesday, 23 July 2014

State management in ASP.NET



State management in ASP.NET

  • State management is a technique to manage a state of an object on different request.
  • The HTTP protocol is the fundamental protocol of the World Wide Web. HTTP is a stateless protocol means every request is from new user with respect to web server. HTTP protocol does not provide you with any method of determining whether any two requests are made by the same person.
  • State management means to preserve state of a control, web page, object/data, and user in the application explicitly because all ASP.NET web applications are stateless, i.e., by default, for each page posted to the server, the state of controls is lost. Nowadays all web apps demand a high level of state management from control to application level.
  •  State management is the process by which you maintain state and page information over multiple requests for the same or different pages. 
  •  For any HTTP based protocol it is true that Web Forms are stateless and for each new request to the web server web pages are destroyed and recreated. As a result we do not get page information beyond the life cycle of a single page. State is the ability of a web application to retain user information and therefore state management becomes an important issue in developing web application.


  
·        State management is the process by which you maintain state and page information over multiple requests for the same or different pages. ASP.NET includes several options that help you preserve data on both a per-page basis and an application-wide basis.
Maintaining state is important in any web application. There are two types of state management system in ASP.NET.

1.       Client-Based State Management
2.       Server-Based State Management

Client-Based State Management:

Client based state management techniques stores data on the client in various ways. Client based state management techniques are:

A.      View state
B.      Control state
C.      Hidden fields
D.      Cookies
E.       Query strings

View state:

The view state represents the state of the page when it was last processed on the server. It's used to build a call context and retain values across two successive requests for the same page. By default, the state is persisted on the client using a hidden field added to the page and is restored on the server before the page request is processed.

If the amount of data stored in the ViewState() property exceeds the specified value in the MaxPageStateFieldLength() property, multiple hidden fields are used to store View state data.

Advantages:

a)      Server resources not required.
b)      Simple implementation
c)      Automatic retention of page and control state
d)      Enhanced security features. The values in view state are hashed, compressed, and encoded   for Unicode implementations.

Disadvantages:

a)      Scope is limited to only single page.
b)      Performance. The view state is stored in the page itself, so increase the page size.
c)      Security. The view state is stored in a hidden field on the page. Although view state stores data in a hashed format, it can be tampered with. 

Control state:

If you create a custom control that requires view state to work properly, you should use control state to ensure your control work properly though developers disable view state. The ControlState() property allows you to persist property information that is specific to a control and cannot be turned off like the ViewState() property.

Advantages:
  
a)      Server resources not required.
b)      Reliable. Because control state cannot be turned off like ViewState.

Disadvantages:

a)       Some programming is required.

Hidden Fields:

A hidden field acts as a repository for any page-specific information that you want to store directly in the page. ASP.NET allows you to store information in a HiddenField control, which renders as a standard HTML hidden field. A hidden field does not render visibly in the browser.
You must submit the page using an HTTP POST command in order for hidden-field values to be available.

Advantages:
  
a)      Server resources not required.
b)      Simple implementation
c)       Widespread support.

Disadvantages:

a)      Potential security risk.
b)      Performance. The hidden fields are stored in the page itself, so increase the page size.
c)       Does not support rich data types to store.

 Cookies:

A cookie is a small amount of data that is stored either in a text file on the client file system or in-memory in the client browser session. Browser sends with cookies values with every page request to the same server. Cookies can be temporary or persistent.

Advantages:

a)      Server resources not required.
b)      Simple implementation
c)       Configurable expiration rules
d)      Data persistent.

Disadvantages:

a)      Size limitation: Most browsers support maximum 4096 bytes cookies.
b)       User configuration refusal: User can disable cookies in their browser.
c)      Security risk: Can be tempered.  

Query strings:

A query string is information that is appended to the end of a page URL. Query strings provide a simple but limited way to maintain state information.  Some browsers and client devices impose a 2083 character limit on the length of the URL.
You must submit the page using an HTTP POST command in order for query string values to be available.

Advantages:

a)      Server resources not required.
b)        Simple implementation
c)        Widespread support.

Disadvantages:

a)      Size limitation: Some browser limits 2083 chars on the length of URLs.
b)        Security risk: Information is visible to the user.  

Server-Based State Management:

Server based state management techniques store data in memory on the server.  Server based state management techniques are:

A.      Application state
B.      Session state
C.      Profile Properties

Application state:

Application state provides a method of storing data global to whole application. These data are visible to entire application and shared by all active sessions. That’s why Application state variables are global variables for an ASP.Net application.

Advantages:

a)    Simple implementation
b)    Application wide scope

Disadvantages:

a)      Application scope in case of Web Garden or Web Firm.
b)      Limited Durability of data.
c)      Requires server memory.

Session state:

Session state provides a method of storing session specific information that is visible only within the session.

Advantages:   
  
a)       Simple implementation
b)       Session specific events
c)       Data can persists across multiple process

Disadvantages

a)      Application scope
b)      Limited Durability of data.
c)    Requires server memory

Levels of state management 

  •  Control level: In ASP.NET, by default controls provide state management automatically.
  •  Variable or object level: In ASP.NET, member variables at page level are stateless and thus we need to maintain state explicitly.
  • Single or multiple page level: State management at single as well as multiple page level i.e., managing state between page requests.
  • User level: State should be preserved as long as a user is running the application.
  •  Application level: State available for complete application irrespective of the user, i.e., should be available to all users.
  •  Application to application level: State management between or among two or more applications.

Posted by at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)