State Management Techniques in Asp.Net

State Management:

Web Pages developed in ASP.Net are HTTP based and HTTP protocol is a stateless protocol so web page is a stateless, which means that it is not capable of storing any information by itself. Because whenever a request for a web page comes from the client, by post-back of a web page the same page will not be returned to the client after processing. So all information associated with the page and the controls on the page would be lost with each round trip. 

Example :of a stateless webpage is that a user is filling its online bank registration form and by mistake it fills some wrong information and after click on submit button its returned back due to invalid information, on this stage user would lost its whole filled information which he was filling from last one hour. So this kind of situations makes the need of State Management of a web page.
State management is the process by which you maintain state and page information over multiple requests for the same or different pages. ASP.Net technology offers following state management techniques

Types of State Management in Asp.Net :-

• Client side state Management
• Server side state Management

CLIENT SIDE STATE MANAGEMENT

• View state
• Hidden Frames
• Hidden Fields
• Cookies
• Query strings

View State:-

View State is a mechanism which page state is maintained between page post backs. The view state is internally maintained as a hidden field on the page but is hashed.

Benefits of View State:-

• No server resources are required because state is in  a structure  in the page code.
• Simplicity
• States are maintained automatically.
• The values in view state are hashed, compressed, and encoded, thus representing a higher state of security than hidden fields
• View state is good for caching data in Web frame configurations because the data is cached on the client

Limitations of View State:-

• Page loading and posting performance decreases when large values are stored because view state is stored in the page.
• Although view state stores data in a hashed format, it can still be tampered because it is stored in a hidden field on the page. The information in the hidden field can also be seen if the page output source is viewed directly, creating a potential security risk.

Hidden Fields:- 

Hidden fields does not render the visibility in the browser but you can set the properties  just as you can with a standard  controls. When the page is submitted to the server, the content of the hidden fields is sent in the http form collection along with the value of the collection.

Benefits of using Hidden fileds:-

• They are simple to implement.
• As data is cached on client side, they work with Web Farms.
• All browsers support hidden field.
• No server resources are required

Limitation of Hidden Fields:-

• They can be tampered creating a security hole.
• Page performance decreases if you store large data, as the data are stored in pages itself.
• Hidden fields do not support rich structures as HTML hidden fields are only single
  valued. Then you have to work around with delimiters etc to handle complex structures

Hidden Frames:- 

Benefits of using hidden frames:-

• You can cache more than one data field.
• The ability to cache and access data items stored in different hidden forms.
• The ability to access JScript® variable values stored in different frames if they come from the same site.

The limitations of using hidden frames are:

• Hidden frames are not supported on all browsers.
• Hidden frames data can be tampered thus creating security hole.

Cookies: -

Cookines can be defined as small amount of memory used by the  web server.Data stored either in a text file on the client's file system or in  a memory in the client browser.

Benefits of using cookies

• No server resources are required as they are stored in client.
• They are light weight and simple to use
• Following are limitation of using cookies:-
• Most browsers place a 4096-byte limit on the size of a cookie, although support for 8192-
• byte cookies is becoming more common in the new browser and client-device versions
• available today.
• Some users disable their browser or client device’s ability to receive cookies, thereby

limiting the use of cookies.

• Cookies can be tampered and thus creating a security hole.
• Cookies can expire thus leading to inconsistency.

Query String:-

Query string is used to pass the information from one page to another.

Benefits of using query string:

• No server resources are required. The query string containing in the HTTP requests for a
• specific URL.
• All browsers support query strings.

Limitations of query string:-

• Query string data is directly visible to user thus leading to security problems.-
• Most browsers and client devices impose a 255-character limit on URL length.

SERVER SIDE STATE MANAGEMENT:-

• Session State
• Application State
• Profile Properties

Session State:-

• ASP.NET allows you to save values by using session state. 
• This is an instance of the HttpSessionState class. 
• Session state provides a place to store values that will persist across page requests. You can store values that need to be persisted for the duration of a user's session in session variables. These variables are unique to each user session and can be accessed in any ASP.NET page within an application. 
• Values stored in Session are stored on the server and will remain in memory until they are explicitly removed or until the Session expires.

 Application State:

• Application state is a global storage mechanism accessible from all pages in the Web application and is useful for storing information that needs to be maintained between server round-trips and between pages.Application state is stored in the memory of the windows process which is processing user requests on the web server.
  
  In ASP.Net, application state is an instance of HttpApplicationState class and it exposes key-value pairs to store information. Its instance is automatically created when a first request is made to web application by any user and same state object is being shared across all subsequent users.
•  It is useful for storing information that needs to be maintained between server round trips and between requests for pages. Once you add your application-specific information to application state, the server manages it. 

Profile Properties: 

• ASP.NET provides a feature called profile properties, which allows you to store user-specific data. This feature is similar to session state, except that the profile data is not lost when a user's session expires. 
• The profile-properties feature uses an ASP.NET profile, which is stored in a persistent format and associated with an individual user. The ASP.NET profile allows you to easily manage user information without requiring you to create and maintain your own database.
• In addition, the profile makes the user information available using a strongly typed API that you can access from anywhere in your application. You can store objects of any type in the profile. 
• The ASP.NET profile feature provides a generic storage system that allows you to define and maintain almost any kind of data while still making the data available in a type-safe manner.
• To use profile properties, you must configure a profile provider. ASP.NET includes a SqlProfileProvider class that allows you to store profile data in a SQL database, but you can also create your own profile provider class that stores profile data in a custom format and to a custom storage mechanism such as an XML file, or even to a web service.
• Because data that is placed in profile properties is not stored in application memory, it is preserved through Internet Information Services (IIS) restarts and worker-process restarts without losing data. Additionally, profile properties can be persisted across multiple processes such as in a Web farm or a Web garden.