You may already be aware that HTTP is a stateless protocol and that the web server does not remember the user's status in between requests if you have been creating web apps for a while. It is challenging to provide the consumer with a personalized experience because of this limitation. To preserve user-specific data across several requests, developers must employ a variety of strategies, including session management. I'll give a quick rundown of sessions and some of their drawbacks in this post. Next, I'll go over how managing sessions in medium-to large-scale enterprise systems can benefit greatly from a distributed, highly scalable cache like NCache. Additionally, I will demonstrate how to set up, install, and utilize NCache in your ASP.NET Core web apps.
An Overview of.NET Session Management
One of the most important aspects of any online application is session management. It enables the server to monitor users over several requests and save user-specific data, like shopping cart details and authentication status. For scalability and dependability, session data can also be kept in a distributed cache like NCache, but it is usually kept on server memory or disk. A session ID is a unique session identification that is assigned to each user and is either supplied in the URL or kept in a cookie. On subsequent queries, the session data is retrieved using this session ID. One of the following places can be used to store session data in.NET.
- In-Process: The session data is stored in the web server's memory. This is the fastest option, but it is not very scalable because session data is available memory, and it can easily be lost if the application pool is recycled or if the web app is hosted on multiple servers and a load balancer sends the request to another server.
- State Server: The session data is stored in a dedicated state server, separate from the web server. This allows session data to persist even if the application pool or web server is restarted. The State Server runs as a Windows service, and session data is accessed over the network, making it suitable for load-balanced environments. However, using a State Server can introduce network latency compared to in-process session storage, though it improves scalability and session persistence.
- SQL Server: The session data is stored in an SQL Server database, which provides persistent storage if you are using multiple web servers or have a load-balanced environment. This approach is more resilient than in-memory sessions but it can introduce overhead due to database read/write operations. This is the best option if your application requires high availability, data persistence, and scalability, and you can slightly compromise on performance.
- Distributed Caching (e.g. NCache): Distributed caching is a method of storing data across multiple servers or nodes in a network, allowing web applications to access cached data more efficiently and reliably. This method is more suitable in cloud-native and distributed applications where you want to keep cached data on the server that is nearest to the user.
Limitations of Traditional Session Management
Although session management seems like a very attractive and useful feature to most developers, as they gain more experience, they realize that there are several limitations to using traditional session management techniques. Some of the limitations are mentioned below.
- Scalability Issues: If you are using in-memory sessions, your sessions are tied to a specific server. This creates problems in load-balanced or multi-server environments, where users may be routed to different servers, causing session data loss unless you are using sticky sessions.
- Memory Consumption: If you are storing a large amount of session data in the server’s memory, your application will consume significant memory resources, especially if you have a large-scale application with millions of users. This can not only degrade application performance, but it also increase the risk of server crashes.
- Session Data Loss: If you are using in-memory session storage, your session data can be lost if the server is restarted or crashes. This disrupts user experiences and requires external solutions to ensure persistence.
- Session Timeout Limitations: Fixed session timeouts can frustrate users, especially if they lose their session due to inactivity. Managing these timeouts effectively while balancing resource consumption can be challenging for most beginner and intermediate-level developers.
- Security Concerns: Traditional session management often relies on cookies to store session IDs, making them vulnerable to session hijacking or cross-site scripting (XSS) attacks if not properly secured.
- Managing Large Sessions: Sessions that store large amounts of data can slow down requests, as reading and writing session data becomes more resource-intensive, particularly when stored in databases or other persistent stores.
The limitations mentioned above often prompt developers to adopt more high-performance and scalable solutions like NCache that can not only solve all of the problems but can also provide many additional features to cache session data for your applications.
NCache is a powerful, distributed caching solution designed specifically for .NET applications. It enhances application performance and makes the application more scalable by providing both an in-memory and a distributed cache across multiple servers. NCache reduces database load and speeds up data access in high-traffic applications. NCache supports a wide range of caching scenarios, such as simple key-value storage, transactional data caching, or session caching. The following diagram shows how the NCache cluster can sit between your .NET applications and the database and cache data for multiple applications.
NCache provides various APIs to add, update, or remove data to/from cache. The data can be stored as a single item or as bulk data. Developers also have the option to store data either synchronously or asynchronously as per their application requirements. The data stored in the cache can be a primitive data type such as int, double, bool, object, etc. or it can be any custom serializable class object, e.g. Product, Order, etc.
Advantages of using NCache for Session Management
Following are some of the benefits of using NCache as your ASP.NET Core Session State Provider.
- High Availability: NCache replicates sessions across multiple cache nodes to ensure that the session data is always available, even during server failures. NCache provides a self-healing peer-to-peer clustering architecture that has no single point of failure. This dynamic clustering also allows us to add or remove any cache server from the cluster without stopping the cache or the applications.
- Multi-Region Replication: NCache can also replicate ASP.NET Core sessions across multiple regions (data centers) to ensure that the sessions remain safe, even if a data center goes offline.
- Distributed & Scalable: NCache stores session data in a distributed cache that allows your sessions to scale across multiple servers. This also eliminates the single-point-of-failure issues.
- Improved Performance: It enhances the performance of session retrieval by caching session data in memory, reducing the load on databases or slower storage systems. NCache also uses its custom serialization method called ‘Compact Serialization’ which is much faster than the slow serialization method available in .NET.
- Session Failover and Persistence: In the event of an application server failure, NCache automatically handles session failover to make sure that the sessions are not lost. It also supports persistent session storage, allowing session data to survive across application restarts.
- Support for Large Sessions: NCache can handle large session objects, distributing them efficiently across cache nodes.
- Cross-Platform Compatibility: NCache offers flexibility for different development environments by supporting both ASP.NET and ASP.NET Core applications.
- Increased Web Farm Efficiency: In multi-server environments, NCache eliminates the need for "sticky sessions" by synchronizing the session state across all servers.
- Enhanced Security: With encryption and secure communication between cache clients and servers, NCache ensures that sensitive session data remains protected.
Installing and Configuring NCache in ASP.NET Core App
Before we learn how to use NCache, we need to make sure we have installed and configured NCache on the development machine. There are multiple versions of NCache available, and you can choose the specific version as per your application requirements.
- NCache Open Source: A free, open-source, and community-supported version of NCache that provides basic distributed caching features for small to medium applications.
- NCache Professional: This is a paid version of NCache and it is suitable for small to medium-sized business applications. It provides additional features such as client cache and better performance optimizations.
- NCache Enterprise: The most advanced version of NCache that provides the most advanced caching features, including disaster recovery, high availability, and performance monitoring, and it's the best choice for large enterprise applications.
Note. NCache Professional and Enterprise versions are also available as SaaS in both Azure and AWS marketplaces.
The next thing we need to decide is how we want to install and use NCache. We can choose one of the following options.
- NCache Cache Server: We can download and install the NCache cache server from the NCache official download page to enjoy features like distributed caching, high availability, replication, and scalability.
- NCache Docker Image: We can spin up an NCache cache server in a Docker container if you want to avoid installing NCache directly on our system.
- NCache Client (In Memory Cache): We can skip NCache cache server installation and directly use NCache-related Nuget packages in our .NET projects to use in-memory cache for quick testing and proof of concepts.
For this article, I have downloaded the Open Source version of NCache. Let’s create a new ASP.NET MVC Project in Visual Studio 2022 using .NET 8 and run the following commands in the Package Manager Console to install the Open Source version of NCache.
Package Manager Console
Next, we need to configure NCache, and we have two options.
- We can specify all configurations through code in the Program.cs file.
- We can specify all configurations in JSON format in the appsettings.json file.
Let’s use option one and configure NCache in the Program.cs file.
Program.cs
The above code snippet uses the AddNCacheDistributedCache method to configure NCache. This method adds NCache as the default distributed cache implementation of the IDistributedCache interface. The method requires CacheName and some other optional configurations.
Next, we need to add the following code in our HomeController.
HomeController.cs
The above code injects the IDistributedCache instance into the constructor of the controller and then uses the Get and Set methods to add and retrieve data from the cache.
To use NCache ASP.NET Core Session Provider for session management we need to install the following Nuget package in our project.
Package Manager Console
Next, we need to initialize the NCache sessions service in the Program.cs file as follows.
Program.cs
The complete details of all session-related options are available in NCache docs.
Next, we need to configure the HTTP request pipeline by adding middleware using the UserNCacheSession method.
Program.cs
After configuring NCache as the default cache for ASP.NET Core Sessions, you can perform all session-specific operations without modifying any code, and all sessions will be stored in the distributed NCache. You just need to make sure that if you are storing custom objects in the session, then they are marked as serializable. You can do this by adding the [Serializable] attribute to your custom object class definition.
Let’s implement a small To Do list app that will display a To Do list to the user and will allow the user to add a new To-Do item to the list. We will then store the To Do list in the ASP.NET core session that will use NCache behind the scenes.
First of all, create the following ToDo model class with a single Name property.
ToDo.cs
Next, implement the following Index action methods in the HomeController that will fetch the list ToDo list from the session using the GetObject method and display it on the page.
HomeController.cs
The razor view page of the above action method will iterate over the ToDo items and will render the names of all ToDo items in a simple table. It also has a Create New button that will redirect the user to another page where the user can add a new ToDo Item.
Index.cshtml
If you will test your page at this point, you should see the following output in the browser.
Next, implement the following Create action methods in the HomeController. The first method will render the Create page in the browser using the HttpGet request. The second method will be called when the user submits the Create page by providing a new ToDo item name.
HomeController.cs
The above Create method first fetches the ToDo ToDo list from the session, and if it doesn’t find any list in the session, it creates a new list. Next, it adds the ToDo item to the list, and finally, it puts the list back in the session using the SetObject method.
Please note that the GetObject and SetObject methods used above are not the built-in methods of ASP.NET Core. I implemented the following extension methods to easily add or retrieve custom objects in or from the session.
SessionExtensions.cs
Following is the Razor view page of the Create action method.
Index.cshtml
You can now run the application and try to click the “Create New” button. You should see the page similar to the following screenshot.
Try to create some ToDo items using the above form, and all items will be added to the list and session.
Summary
NCache is an ideal solution for managing sessions in high-traffic or distributed web applications. In this article, we learned how application resilience and user experience can be enhanced using NCache features like session replication, high availability, and fault tolerance. We also learned how to install, configure, and use NCache for simple data caching as well as session data caching.
ASP.NET Core 9.0 Hosting Recommendation
At HostForLIFE.eu, customers can also experience fast ASP.NET Core hosting. The company invested a lot of money to ensure the best and fastest performance of the datacenters, servers, network and other facilities. Its datacenters are equipped with the top equipments like cooling system, fire detection, high speed Internet connection, and so on. That is why HostForLIFEASP.NET guarantees 99.9% uptime for ASP.NET Core. And the engineers do regular maintenance and monitoring works to assure its Orchard hosting are security and always up.