Interview FAQs

There are two types of session events available in ASP.NET:

  • Session_Start
  • Session_End
You can handle both these events in the global.asax file of your web application. When a new session initiates, the session_start event is raised, and the Session_End event raised when a session is abandoned or expires.

We know that Http is stateless, means when we open a webpage and fill some information and then move to next page then the data which we have entered will lost.It happed do to Http protocol stateless nature. So here session come into existence, Session provide us the way of storing data in server memory. So you can store your page data into server memory and retrieve it back during page postbacks.

Stateless protocol is a communications protocol that treats each request as an independent transaction that is unrelated to any previous request so that the communication consists of independent pairs of requests and responses.

State management is the process by which you maintain state and page information over multiple requests for the same or different pages.


  • Session provide us the way of maintain user state/data.
  • It is very easy to implement.
  • One big advantage of session is that we can store any kind of object in it. eg, datatable, dataset etc
  • By using session we do not need to worry about data collapsed, because it store every client data separately.
  • Session is secure and transparent from the user.
  • Performance overhead in case of large volumes of data/user, because session data is stored in server memory.
  • Overhead involved in serializing and de-serializing session data, because in the case of StateServer and SQLServer session modes, we need to serialize the objects before storing them.

Asp.Net use 120 bit identifier to track each session. This is secure enough and can not be reverse engineered. When client communicate with server, only session id is transmitted, between them. When client request for data, ASP.NET looks on to session ID and retrieves corresponding data.

By default, the unique identifier for a session is stored in a non-expiring session cookie in the browser. You can specify that session identifiers not be stored in a cookie by setting the cookieless attribute to true in the sessionState configuration element. We can also configure our application to store it in the url by specifying a "cookieless" session.The ASP Session cookie has this format:-


If you want to disable the use of cookies in your ASP.NET application and still make use of session state, you can configure your application to store the session identifier in the URL instead of a cookie by setting the cookieless attribute of the sessionState configuration element to true, or to UseUri, in the Web.config file for your application.The following code example shows a Web.config file that configures session state to use cookieless session identifiers.



<sessionState cookieless="true" regenerateExpiredSessionId="true" timeout="30"/>

System.Object is the top .NET class that everything is derived from.
We use untrusted verification because web Services might use it, as well as non-windows applications. 
PreviousDisplaying 42 of 46Next
Need Help? Contact Us.

Log in


Forgot password?


New User