0

There are multiple modes in which session data can be stored in a ASP.net C# application. One of them is InProc mode. What is the limit of the maximum amount of data that can be held in the InProc mode? Is this a configurable limit?

Edit: I know this is probably un-cool and even sounds blasphemous but I am in a unique situation where I will probably need to store 10MB files in the session. Probably dozens of them at a time. Thus the question.

Raj
  • 3,051
  • 6
  • 39
  • 57
  • As much unused memory as there is? – Oded Aug 31 '12 at 14:13
  • 8
    If you have to ask, you're probably doing something wrong. – CodeCaster Aug 31 '12 at 14:15
  • 1
    Word of caution - be wary about storing enormous quantities of data in a user's session. It's fine if your using InProc, but if you move to using a state-server (e.g. because you want to use load-balancing), you'll suddenly find you are transferring megabytes of data per request, which can be a massive performance hit. – RB. Aug 31 '12 at 14:16
  • Is session the only alternative? Is caching (either System.Runtime, nhibernate, or the like) not available to you? – StingyJack Aug 31 '12 at 14:21
  • No, there should be no datastore at all. – Raj Aug 31 '12 at 14:23
  • 2
    I ask, because you are using Session as a datastore already. It is not really meant for what you are doing, you should be using a tool that does the function you are looking for. – StingyJack Aug 31 '12 at 14:24
  • And when I said nhibernate, I meant memcached. – StingyJack Aug 31 '12 at 14:27
  • I mean. What is needed is a datastore that does not have an API through which it's contents can be accessed outside the ASP.net application. – Raj Aug 31 '12 at 14:28
  • Tim Medora's MemoryCache option seems to be the most appropriate then. – StingyJack Aug 31 '12 at 14:33
  • _"I mean. What is needed is a datastore that does not have an API through which it's contents can be accessed outside the ASP.net application."_ - then focus on that. Using the correct permissions, you can set up a directory, database or cache that only your application can access. – CodeCaster Aug 31 '12 at 14:34

3 Answers3

3

Whether or not this is a good question or a scary one depends on whether or not you are trying to plan capacity for numerous "skinny" sessions (fine) or planning to put a huge amount of data into session (bad).

IIS allows private memory control and virtual memory control. This is unlimited by default; if you do set a limit, it can be used to trigger app pool recycles. Recycling the app pool is probably not desirable, e.g. 1000 users are logged in, memory limit is reached, site restarts and session data is lost for everyone. Request throttling might be more appropriate.

Remember, "The amount of data storage reserved for a process is only limited by the amount of space that the operating system can get on the disk." (reference) but as soon as you are paging to disk, performance will suffer badly. @RB's comment about out of process "fat" sessions causing heavy network traffic is also apropos.

As a note, MemoryCache provides more granular size/expiration control. It's very similar to what ASP.Net uses. Based on your comment about 10MB files, I would suggest looking at this option. It will run in process like session (and still be subject to the same memory limit as session), but you can control it to some degree.

Community
  • 1
  • 1
Tim M.
  • 53,671
  • 14
  • 120
  • 163
0

There is a memory limit you can configure for each Application Pool in IIS7. But I'm not sure whether you can configure Session State memory in detail.

Matthias Meid
  • 12,455
  • 7
  • 45
  • 79
0

There is no limit on the length or size of data in session, as far as the server or host machine has memory available with it.

Imran Balouch
  • 2,170
  • 1
  • 18
  • 37