One more confusion?
While using session in the application we have two things which are SessionID which is used to uniquely identify the session variables and Session Value which is the actual data stored in the session variables.
As session is a server side and cookies are client side state management techniques, so session actual data always stored on the server memory by default. The following list describes the available session storage modes-
- InProc mode, which stores session state in memory on the Web server. This is the default.
- StateServer mode, which stores session state in a separate process called the ASP.NET state service. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm.
- SQLServer mode stores session state in a SQL Server database. This ensures that session state is preserved if the Web application is restarted and also makes session state available to multiple Web servers in a Web farm.
- Custom mode, which enables you to specify a custom storage provider.
- Off mode, which disables session state.
I hope it’s clear that session data is stored on the server and has no relationship with the cookies.
Now let’s understand the session keys storage types-
Session and cookies relationship are limited to only session keys not session value.
If we will try to run below code after disabled the cookies then it will not work that proves that session use the cookies.
<sessionstate cookieless=”true” />
Programming is Easy…