Introduction
ASP.NET MVC supports session state. As we know sessions are used to store data used across requests. ASP.NET MVC manages session data whether or not we store data in the session. Now with MVC, we can disable the session for the controller. This concept is called a sessionless controller.
Sessionless Controller
It is possible to disable the session for a controller. It may be that some of the controllers of our application do not use the session state feature. We can disable the session for those controllers using the SessionStateAttribute (set session state Behavior to Disabled) and we can get a slight performance improvement for our application.
Example
[SessionState(System.Web.SessionState.SessionStateBehavior. Disabled)]
public class HomeController : Controller
{
……
……
}
If we mark our controller as sessionless and we still try to access a session within the controller then it throws the exception “Object reference not set to an instance of an object”.
Example code
[SessionState(System.Web.SessionState.SessionStateBehavior. Disabled)]
public class HomeController : Controller
{
public ActionResult Index()
{
ViewBag.Message = "Welcome to ASP.NET MVC!";
Session["test"] = "Session less controller test";
return View();
}
}
Output
Session State Behavior
The SessionState attribute in MVC provides more control over the behavior of the session state by specifying the value of the behavior property (this is a read-only property but we can set it using a parameterized contractor of the SessionStateAttribute).
Enumeration Value |
Description |
Default |
The default ASP.NET logic is used to determine the session state behavior for the controller. |
Required |
Full read and write session state behavior is enabled for the request. |
ReadOnly |
Read-only session state is enabled for the request. In other words we can read the data from the session but we cannot write the data into the session. |
Disabled |
Session State is disabled for the current request. |
Session less controller and TempData
TempData in MVC uses session state internally to store the data. So when we disable the session state for the controller, it will throw the exception as below.
[SessionState(System.Web.SessionState.SessionStateBehavior.Disabled)]
public class HomeController : Controller
{
public ActionResult Index()
{
ViewBag.Message = "Welcome to ASP.NET MVC!";
TempData["test"] = "session less controller test";
return View();
}
}
Output
Conclusion
The SessionState attribute specifies the session state behavior at the controller level. This attribute is a class level attribute so we cannot use it in a method (or at an action level). This attribute is very useful when we require specific behavior of session state for a specific controller. For example, for any controller, we do not want to use a session state; at this time we can mark this controller with the SessionState attribute and the behavior is disabled.