Alternatives to using session variables in ASP.net & C#

DublinWriter

I've noticed that session variables can be shared between browser sessions on a client if the same browser is used to open up multiple instances of the same website developed in ASP.net.

This could be very problematic. What's the current thinking regarding session variables and IIS? Everyone seems to be saying to go stateless to facilitate server farms and the like, but in large enterprise systems it's sometimes handy to store SQL Server/Oracle transaction items in session variables so you can roll-back if the user doesn't want to commit on a multi-table insert/update.

Thanks!

amen

SQL Server/Oracle transaction items in session variables so you can roll-back if the user doesn't want to commit on a multi-table insert/update

How long are you keeping these transactions in call for ?

You do realise that doing this could negatively affect the DB performance and cause deadlocks.

DublinWriter

amen wrote: »

How long are you keeping these transactions in call for ?

You do realise that doing this could negatively affect the DB performance and cause deadlocks.

Minutes and yes.

Giblet

You should probably be looking at Transaction Per Request, or even using an ActionFilter to handle it (MVC). Why are you persisting a transaction over multiple requests? If you are creating an inconsistent state in the Database for a long duration, you may need to think about exactly why you are doing that. Surely you would have problems with transaction scopes?

stevenmu

Are you actually holding a DB transaction open across requests/page loads, or just building up the values for the transaction in your session variables?