I'm currently working on an application that stores its Session State in process. Due to the way the application has been written when we release the application / app pool recycle the session data is lost and the user is logged out.
This isn't great for three reasons:
- Upgrading software logs users out
- Difficult whilst fixing bugs as when we rebuild the solution the developer has to navigate back to the page he/she is working on which takes time.
- We are looking to move to load balanced infrastructure
I've decided to move Session State to StateServer to prevent the Session being lost.
A pre-requisite for using StateServer is that all objects stored in Session must be Serializable and therefore must explicitly be decorated with the System.SerializableAttribute.
So I've found myself manually going through the whole object graph of our SessionData object (which is quite large) and it's taking some time.
I've stopped at this point as this seems like quite an erroneous task.
I also found that our root SessionData object could be stored in session state fine even with properties that weren't decorated with the Serializable attribute providing that they were null. So without going through everything I wouldn't know until an Exception was thrown.
So my questions are:
- Am I making the correct decision to move Session State out of process (we may be moving to a load balancing model so I think this will need to be the case)
- Is it correct that I need to manually go through the whole object graph and explicitly add the System.SerializableAttribute.
Thanks in advance.
