77

I would like to have a very lightweight ASP.NET MVC site which includes removing as many of the usual HttpModules as possible and disabling session state. However when I try to do this, I get the following error:

The SessionStateTempDataProvider requires SessionState to be enabled.

I've disabled session state in web.config:

<sessionState mode="Off" />

I understand that ASP.NET MVC uses session state for TempData, but I don't need/want TempData - I just want to disable session state. Help!

Daniel Schaffer
  • 56,753
  • 31
  • 116
  • 165
  • Nice idea - I'd be interested to hear if you encountered any other issues with this and how lightweight you were able to get in the end. – Michael Hart Aug 28 '09 at 12:00
  • I didn't do much more experimenting after I implemented Steve's changes, but there was still a fair amount of overhead. The fastest I've been able to get ASP.NET going has been with straight IHttpHandler implementations. See my answer here for more info: http://stackoverflow.com/questions/509978/something-faster-than-httphandlers/510001#510001 – Daniel Schaffer Aug 28 '09 at 15:01
  • 26
    This is fixed in MVC 2. We fixed the session state temp data provider that it won't throw unless you actually try to read/write the temp data. – Brad Wilson Aug 28 '09 at 16:40
  • Brad: Excellent, good to know! – Daniel Schaffer Aug 28 '09 at 17:09

5 Answers5

48

You could make your own ControllerFactory and DummyTempDataProvider. Something like this:

public class NoSessionControllerFactory : DefaultControllerFactory
{
  protected override IController GetControllerInstance(Type controllerType)
  {
    var controller = base.GetControllerInstance(controllerType);
    ((Controller) controller).TempDataProvider = new DummyTempDataProvider();
    return controller;
  }
}


public class DummyTempDataProvider : ITempDataProvider
{
  public IDictionary<string, object> LoadTempData(ControllerContext controllerContext)
  {
    return new Dictionary<string, object>();
  }

  public void SaveTempData(ControllerContext controllerContext, IDictionary<string, object> values)
  {
  }
}

And then you would just need to register the controller factory on app startup - e.g. you could do this in global.asax:

ControllerBuilder.Current.SetControllerFactory(new NoSessionControllerFactory());
Steve Willcock
  • 26,111
  • 4
  • 43
  • 40
  • 1
    Thanks... still not ideal (to me at least), but still better than doing it on each controller. – Daniel Schaffer May 19 '09 at 20:54
  • 10
    Sorry, that sounded really ungrateful... didn't mean it to be :D – Daniel Schaffer May 19 '09 at 20:56
  • 3
    hehe, no problem :) I understand it could seem like more code than you'd ideally want for what seems like it should be a configurable thing, but one of the big strengths of ASP.NET MVC is this type of configuration through providing alternative implementations via code. It gives you a lot of power to get in there and do things the way you want and overall I'd say it's really a 'good thing'. Personally I prefer typing C# code than xml anyway ;) – Steve Willcock May 20 '09 at 08:38
  • Hi Steve. I just implemented your code in my proj. It works well. Thanks! Now I have Session disabled. – Cyril Gupta Jul 21 '09 at 03:01
  • 4
    I added one more piece to my solution in the SaveTempData method: if ( values.Count != 0 ) throw new NotImplementedException("Can not set tempdata, no session state available"); http://tinyurl.com/mbegfr – BillRob Aug 28 '09 at 13:24
  • Good idea Bill, that would avoid some hard-to-debug missing state issues I'm sure :) – Steve Willcock Aug 28 '09 at 14:55
  • This was improved with MVC3, just add `[SessionState(SessionStateBehavior.Disabled)]` to your controller. – pauloya Aug 04 '11 at 16:08
  • Or use to disable it globally. This is an ancient bug fixed doggie decades ago. – RickAndMSFT May 28 '14 at 22:54
  • @RickAndMSFT You're saying to do exactly what the OP says he did. But in doing so he's getting the SessionStateTempDataProvider required error. – Shawn de Wet Dec 04 '19 at 02:39
9

I've found one way, which I don't particularly care for:

Create NoTempDataProvider

using System;
using System.Collections.Generic;
using System.Web.Mvc;

namespace Facebook.Sites.Desktop.Auth.Models
{
    public class NoTempDataProvider : ITempDataProvider
    {
        #region [ ITempDataProvider Members ]

        public IDictionary<String, Object> LoadTempData(ControllerContext controllerContext)
        {
            return new Dictionary<String, Object>();
        }

        public void SaveTempData(ControllerContext controllerContext, IDictionary<String, Object> values) { }

        #endregion
    }
}

Manually Overwrite the Provider in the Controller

public class AuthController : Controller
{
    public AuthController()
    {
        this.TempDataProvider = new NoTempDataProvider();
    }
}

I would greatly prefer a way to do this completely via the configuration, but this works for now.

Daniel Schaffer
  • 56,753
  • 31
  • 116
  • 165
  • 4
    Yes, your way is similar to the way I outlined in my answer - although you don't have to manually override the TempDataProvider in each controller if you provide a custom ControllerFactory to handle it for you. – Steve Willcock May 19 '09 at 20:43
  • 6
    You can also create a base Controller class, and configure the TempDataProvider in it's constructor. – Brannon Aug 28 '09 at 15:39
6

If you need to use TempData for simple strings, you can use the CookieTempDataProvider in MvcFutures http://aspnet.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=24471.

Haacked
  • 58,045
  • 14
  • 90
  • 114
1

According to Brad Wilson, this has been fixed in MVC 2 Preview 1. See here and here.

Raleigh Buckner
  • 8,343
  • 2
  • 31
  • 38
0

Modern solution:

In ASP.NET, if you do not use the Session object to store any data or if any of the Session events (Session_OnStart or Session_OnEnd) is handled, session state is disabled.

So not using Session (or TempData), disables Session State.

Source

ErTR
  • 863
  • 1
  • 14
  • 37