Sessions in .Net

Session object enables you to maintain user-specific information in memory cache. The ASP.NET runtime automatically creates this object when a new user visits your Web site, and it remains in memory for a specific period after the user stops using the Web site. You can alter the duration for which the Session object remains in memory by changing the session timeout setting in the Web.config file. The timeout is set to 20 minutes by default

The ASP.NET framework enables us to store session state either in Web server memory, in a Windows service, or in a SQL Server database

In-Process Session
The default session state setting is InProc. When configured with this setting, the ASP.NET runtime keeps all session information in the Web application's memory. Because the session is stored in the application's memory, it is much faster to get the stored information. On the other hand, if your Web application restarts for any reason, you will lose every object stored in every user's session.

State Server
The ASP.NET framework enables us to store session information by using a Windows service. Because the Windows service runs as an independent process, information stored in the service is not affected when the Web application is restarted. Also, other Web servers in the server farm can communicate with the Windows service to get access to the session information stored in it.

SQL Server Session
In this mode Microsoft SQL Server is employed to maintain session state. Though the overhead for using SQL Server mode is higher than InProc, you can restart the web server all you want and the users session data will persist.