ASP.NET overcomes all major limitations of ASP when it comes to managing session states. As you are aware from ASP development, a session state is nothing but a named variable that is cached at the server for the duration of the web user’s session. As the user navigates through the web application, the session state retains its value as long as the session is not expired.
ASP Session state management can be summarized as follows:
The session starts, and the web application assigns a unique key to the user.
This key is stored in an HTTP cookie. Along each subsequent request, the client browser sends the unique key back to the server.
The server looks up the states stored for this particular key and processes the request accordingly.
While this has worked fine for all these years, we’ve found out that there were a number of limitations to live with or work around. The biggest limitation is that the session state is process dependent, which is impossible to implement in a web farm environment without custom session management.
ASP.NET improves upon ASP session-state management by moving to an out-of-process model. By having all web servers in the farm pointing to a common server that hosts the out-of-process state manager, the web client can be redirected around the farm without losing the session states.
By using an out-of-process model, we no longer have the problem of losing session states when the IIS process is cycled. ...