Here are the session materials for my Digital BlackBelt Webcast on Working with Web Sessions.

NOTE: The code is NOT a complete  best practices guide. Database connections etc, are not secured. Use at your own risk.

The Powerpoint Deck and sample code.
http://www.joeon.net/downloads/DBB-UsingSessions.zip

I suggest this book – Hacking the Code.

Here are some interesting articles on the subject.

Generate Machine Key Elements for Web Farm
http://www.eggheadcafe.com/articles/20030514.asp

Design and Deploy Secure Web Apps with ASP.NET 2.0 and IIS 6.0
http://msdn.microsoft.com/msdnmag/issues/05/11/SecureWebApps/default.aspx

 
Foiling Session Hijacking Attempts
http://msdn.microsoft.com/msdnmag/issues/04/08/wickedcode/

ASP.NET State View
http://msdn.microsoft.com/msdnmag/issues/03/02/CuttingEdge/