State Management with ASP .NET 2.0 - 1

There is a fundemental problem with building complex stateful web application. The HTTP protocol is stateless and hence each request is a new request to the web server as far as the HTTP server is concerned. ASP .NET 2.0 solves this problem using several options. I will start with the View State and cover the rest in the upcoming posts.

1. View State Collection

The View State collection can be used to store objects of any type to be retrieved whenever needed unique to each client. The View State is stored within the HTML code rendered to the client as a string. If you take a look at the HTML source of a page generated by ASP .NET and is using view state, you will find an input tag that looks like:

<input id="__VIEWSTATE" name="__VIEWSTATE" value="/wEPDwULLTE5ODI3MTMwMDkPZBYCAgEPZBYKZg9k" type="hidden">

Anything stored in the View State collection will be encoded into a Base64 string and included in the HTML code for the page generated in the value of the __VIEWSTATE input tag. This same tag automatically stores the visual information of web controls that have View State enabled, thus the naming "View State." When a page is posted, ASP .NET checks the __VIEWSTATE value and restores the state of the page including any user entered fields and progromattically inserted objects. By default the View State is enabled for an ASP .NET page. To disable View State include 'EnableViewState="false"' in the beginning <%@ Page tag.

<%@Page EnableViewState="false" ... >

Also by default the View State code is tamper-proofed using a hash code. ASP .NET makes a hash of the View State code using a private key and appends it to the View State value. When a page is posted back, ASP .NET recomputes the hash and checks that they match. Developers also have the option of encrypting the View State value. Encryption can be enabled per page or per site in the config file.

<%@Page ViewStateEncryptionMode="Always" ... >
Or
<system.web>
<pages viewStateEncryptionMode="Always" />
...
</system.web>

There are three encryption modes:
Always: encrypt view state information for all controls
Never: encrypt view state information for none of the controls
Auto: encrypt view state information only if a control requests it by calling Page.RegisterRequiresViewStateEncryption()

Using the view state collection is just as easy as using any collection. Objects can be inserted into the collection using a key/value pair. The key however has to be of type string. For example,

ViewState["key"] = "this is a value";

Since data is stored as object, to retrieve it in the right type it must be type casted.

string value = (string) ViewState["key"];

This concludes the view state part of state management. I hope this was useful and informative. Would love to see your comments and know what you think.