I conducted the following simple test:
- In web.config we have: `sessionState timeout = 40 mode = InProc`
- A blank page with `EnableSessionState =" ReadOnly "` is set in the tag
- Code for:
protected void Page_Load(object sender, EventArgs e) { if (Session["dt"] == null) Session["dt"] = DateTime.Now; Session["dt"] = ((DateTime)Session["dt"]).AddYears(1); Response.Write(Session["dt"].ToString()); }
The result for simultaneous feedback messages will look like this:
1- 11/11/2015 10:00:00
2- 11/11/2016 10:00:00
3- 11/11/2017 10:00:00
4- 11/11/2018 10:00:00
5- 11/11/2019 10:00:00
6- 13/11/2020 10:00:00
...
Which clearly indicates that the session variable is being updated. On MSDN you can find the following: http://msdn.microsoft.com/en-us/library/ms178581(v=vs.100).aspx
You can disable the session state for the application by setting the session state mode to off. If you want to disable session state only for a specific page of the application, you can set the EnableSessionState value in the @page directive to false. EnableSessionState can also be set to ReadOnly to provide read-only access to session variables.
We perform read / write operations on almost every page of our application. However, this prevents the simultaneous execution of two HTTP requests for the same client. The first request must be completed until the server processes the second. After some research, this was evident due to exclusive locks on the session. For curiosity, we tried to set the session state in ReadOnly and it seems that it is still editable and no exceptional locks are defined.
Questions:
1. Does Readonly mean Readonly (so there is an error in asp here) or something else?
2 While the session is apparently being edited with the ReadOnly state, is there anything to worry about, do you consider it safe to use it the way it does in the production environment?
thanks
source share