Session state is one of the important thing that differentiates the static html pages with server rendered pages. Following checklist can be maintained while deciding to put something in session
- Understand that Session state should only be used to store session related data, unlike caching where we can store it until the application is restarted.
- Always keep the information that is relavent to that session of the user like user login credentials, authorization list and application related information relavent and frequently used during the lifetime of that session.
- Use one huge string to store multiple smaller values using a delimiter, than storing them under different names.
- Avoid putting complete business objects in session as it will hog the system resources slowing down the server. If something has to be persisted through out the application lifetime, cache them.
- Use options like InProcess session management, StateServer or SQL server effectively based on the size of applications.
Make your application robust and fast by handling sessions better.