The following guidelines suggest ways on how to manage state more efficiently.

Not all applications or pages require per-user session state, and you should disable it for any that do not.

To disable session state for a page, set the EnableSessionState attribute in the @ Page directive to false, as in the folowing example.

<%@ Page EnableSessionState = "false" %>

NOTE: If a page requires access to session variables but will not create or modify them, set EnableSessionState attribute in the @ Page directive to ReadOnly.

Session state may also be disabled for web service methods. For more information, see Web Services Overview.

To disable session state for an application, set the Mode attribute to "off" in the sessionState configuration section in the application’s Web.config file, as in the following example.

<sessionState mode = "off" />

ASP.NET provides three distinct ways to store session data for your application: in-process session state, out-of-process session state as a Windows Service, and out-of-process session state in a SQL Server™ database. Each has it advantages, but in-process session state is by far the fastest solution.

If you are only storing small amounts of volatile data in session state, it is recommended that you use the in-process provider. The out-of-process solutions are primarily useful if you scale your application across multiple processors or multiple computers or where data cannot be lost if a server or a process is restarted.