0
votes

I'm not a fan of using ASP.NET session state, but our application is using it at this time. We are using SQL Server mode for session state persistence. I'm considering caching authorization check results in the session state, but I worry about the performance of this approach. How exactly does SQL Server session state persistence work in .NET?

From what I can tell, all session data is stored in one database row, with the data itself stored in one column. My worry is that if our application does 12 different authorization checks in one request, and each result is stored immediately after received, that 12 different database requests would be made as those items are stored, which would nullify any network request reductions that I'm trying to accomplish.

Is each session state mutation accompanied by a synchronous database request, or are all session state changes persisted at one time during the ASP.NET request life cycle?

1

1 Answers

0
votes

Sessions are persisted at the end of each ASP.NET request after the ReleaseRequestState application event - and not on session data change.