Session variable removal question. as related to a paged data source

I have inherited some very old ASP.Net code. Written initially in 1.0 and then converted to 2.0 There is a page which uses a custom pager control. That control has the following logic in it:

Private _DataSource As PagedDataSource
Public Property DataSource() As PagedDataSource
    Get
        If Not IsNothing(Session("DataSource")) Then
            _DataSource = Session("DataSource")
            Return _DataSource
        End If
        Return Nothing
    End Get
    Set(ByVal value As PagedDataSource)
        _DataSource = value
        If Not IsNothing(value) Then
            Session("DataSource") = value
        Else
            Session("DataSource") = Nothing
        End If
    End Set
End Property

The page which uses that pager has the following logic in it:

Private PagedData As PagedDataSource

Private Function GetData() As DataTable
    Dim DT As New DataTable
    Dim CategoryID As Integer = -1
    If IsNothing(ddlCategories.SelectedValue) OrElse Not Integer.TryParse  (ddlCategories.SelectedValue, CategoryID) Then
        CategoryID = -1
    End If

    Dim myConnection As New SqlConnection(Con开发者_开发问答figurationManager.ConnectionStrings("ConnectionString").ConnectionString)
    Dim myAdapter As New SqlDataAdapter

    myAdapter = New SqlDataAdapter("SearchResources", myConnection)
    myAdapter.SelectCommand.CommandType = CommandType.StoredProcedure

    If SearchText <> String.Empty Then
        trFiltered.Visible = True
    End If

    With myAdapter.SelectCommand.Parameters
        .AddWithValue("@CategoryID", CategoryID)
        .AddWithValue("@SearchText", SearchText)
        .AddWithValue("@CompanyID", CompanyID)
    End With

    If Not Security.IsSiteAdmin Then
        myAdapter.SelectCommand.Parameters.AddWithValue("@UserIsAdmin", 0)
        myAdapter.SelectCommand.Parameters.AddWithValue("@FTPUserID", Security.GetUserID(Context.User.Identity.Name))
    Else
        myAdapter.SelectCommand.Parameters.AddWithValue("@UserIsAdmin", 1)
    End If

    Try
        myAdapter.Fill(DT)
    Catch ex As Exception
        ErrorLog.LogError(ex.Message, ex.StackTrace, HttpContext.Current.User.Identity.Name, HttpContext.Current.Request.Url.ToString)
        HttpContext.Current.Response.Redirect("~/error.aspx", False)
        Return Nothing
    End Try
    Return DT
End Function

Protected Sub ReloadData()
    CurrentPage = 0
    CheckFilters()
    BindData()
End Sub

The task at hand was to remove all session variables. What would be the best way to represent this data without the use of session. Originally i was told to put all session items into a cookie, while this worked for most of the items it will not work for this due to the cookie size limitation, Im also not to keen on the idea of keeping it in ViewState or even if that is an option. Im very new to VB and dont have much expierence re-writting legacy code. Session is not an option because this is being moved into a web-farm and Sticky sessions are turned off so it must work without session.

Any suggestions are greatly appreciated. Sorry if im asking a question that has a painfully obvious answer.

thanks in advance, -James.

Well, somebody may come by and vote me down... but I'd say your best option is ViewState.

If you are limited as you are to not use SessionState and you are running into a cookie size limitation, I can only think of two other options (Cache and ViewState) and I certainly wouldn't recommend Cache for this.

Now you know you can use a out of process session state (either a SQL Server or a StateServer)?

More info can be found here: http://msdn.microsoft.com/en-us/library/ms178586.aspx