Assuming a session is 2K and is read and write on every request and there are 30 req/sec then you have 7.6 meg per minute traffic on the wire. Not to mention 1K sessions mean 2 Megs of memory with only a thousand sessions. Not to mention larger session means more memcopy (kernal) from socket to user space and probable form web server to framework you add another. Race conditions from all this overhead also becomes an issue because of the increased latency.
With objects there is the serialization and deserialization of an object is expensive. Then added to that if you change a class all the session data must be flushed because the old object no longer matches the new object.
- Don't store objects in session
- Minimize session size
- If you are using memcache or memory session storage don't store anything that shoudl be persisted in the data store.