Session

The session state is used to maintain the session of each user throughout the application. Session allows information to be stored in one page and access in another page and support any type of object.

• Session state is maintained in session level.
• Session state value is available in all pages within a user session.
• Session state information stored in server.
• Session state persist the data of particular user in the server. This data available till user close the browser or session time completes.
• Session state used to persist the user-specific data on the server side.
• SessionState variables are cleared, when the user session times out. The default is 20 minutes. This is configurable in web.config.
• You should not store sensitive data on cookie.

Viewstate

ViewState is used to maintain the state of controls during page postback and if we save any control values or anything in viewstate we can access those values throughout the page whenever it required .

• View state is maintained in page level only.
• View state of one page is not visible in another page.
• View state information stored in client only.
• View state persist the values of particular page in the client (browser) when post back operation done.
• View state used to persist page-instance-specific data.
• Has no expiration date.
• You should not store sensitive data on cookie.
• You should not store sensitive data on cookie.
• You should not store sensitive data on cookie.

Usage situation

• If you want to access the information on different web pages, you can use SessionState
• If you want to access from the same page, then you can use Viewstate
• Session state provides more security when compared with view state as the data value is stored in server side