Reputation: 1321
Where is the Session stored?
I ask to my friend, where is session stored? At Server or Browser? He said, at the server. Then I said "I think things saved at server called cache".
Then, I go to google search reading article, but I found no specific correct answer, at MSDN too, no specific answer.
Upvotes: 3
Views: 9427
Answers (3)
Reputation: 439
Quick answer: on both sides.
Previously, the session was stored on a server side. This approach implies that you have to go to a server side each time you create or validate session. The session also have to be replicated for all the web-servers. These things can sufficiently harm the performance.
The another one oldschool way to store the session data as a cookie (as it is mentioned in answers). The obvious flow is that cookies has 4kb limit.
In order to overcome it, the World Wide Web Consortium defined the client side sessionStorage, that can be instantly added or validated and does not demand to replicate the data between web-servers.
It can be seen in browser's Dev Tools / Application tab. For example, this is how the session for my Facebook page looks like:
Upvotes: 0
Reputation: 1943
Session itself is stored on the server side.Each browser accessing the server will get from the server unique Session ID. This Session ID browser sends to each page requested to the same server. Session
So on client (browser) side, only Session ID is stored in the browser cookie.
(this is default behavior, when session cookies are enabled in the browser settings... there is also a technique called "URL rewriting" to embed Session ID as URL query parameter, each time the server is called, enabling the application to work even if browser session cookies are disabled)
For more information go through this http://ejvyas.blogspot.in/2010/02/where-is-stored-is-it-in-browser-or-at.html
Upvotes: 2
Reputation: 156978
Usually it is saved in the server's memory, but you can also have a database backed cache. It is never cached on the client, since it can contain information that shouldn't be available to the user, like the password to your database.
The full list of places where you can save the session state can be found on MSDN:
- InProc mode, which stores session state in memory on the Web server. This is the default.
- StateServer mode, which stores session state in a separate process called the ASP.NET state service. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm.
- SQLServer mode stores session state in a SQL Server database. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm.
- Custom mode, which enables you to specify a custom storage provider.
- Off mode, which disables session state.
Upvotes: 3
Related Questions
- What is session and how it is maintained
- Where does IIS store user created sessions?
- location of session data in asp.net project
- Asp.net session storage
- Where asp.net session is kept on iis server
- query regarding sessions in asp.net
- Session in asp.net/c#
- Where are the session variables saved?
- Where session's are stored in IIS 6.0
- What is really stored in Session in ASP.NET?