With ASP.NET 4.0, we can enable/disable session state programmatically. The new version of the framework adds a new method (SetSessionStateBehavior) to the HttpContext class.
You’re supposed to pass it a value from the SessionStatebehavior to influence the use of session state. Here are the values you can pass:
- Default: passing this means that everything works as before (ie, you control session through the @page directive or the <pages> entry in the web.config file);
- Required: session state is enabled for read/write access;
- ReadOnly: gives access to read only session state;
- Disabled: turns off session state for the current request.
In practice, passing one of the last three methods means that eventual settings specified at the @Page directive or in the <pages> element of the config file are ignored.
IMP: you can not use above until the AcquireRequestState event is fired. If you do you will get an exception.