Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

session Handling in asp.net

Tags:

asp.net

I am trying to find out how to destroy a ASP.NET session when the user navigates away from my site.I am using Global.ascx application file and use session_end event .Its working fine when i click logout button. But when i close browser directly its not using Global file after 20 minitues. i used in web.conig file as <sessionState mode="InProc" timeout="20"></sessionState>
Please help me
Augustine

like image 235
augustine Avatar asked Mar 28 '11 07:03

augustine


People also ask

What is session handling in C#?

Session is a State Management Technique. A Session can store the value on the Server. It can support any type of object to be stored along with our own custom objects. A session is one of the best techniques for State Management because it stores the data as client-based.

What are sessions in ASP NET MVC?

Session is used to store data values across requests. Whether you store some data values with in the session or not Asp.Net MVC must manage the session state for all the controllers in your application that is time consuming.


2 Answers

Session timeout defines when some session would be destroyed after some idle time.

If you want more control over sessions, you would need to use SQLServer mode, State Server mode, or a custom one taylored yourself.

I mean that, because, for example, SQLServer mode stores sessions in a standard SQL Server table, so, you can implement some SQL Server job, or schedule some task in Windows or in some Windows Service, so you can clean up sessions depending on your needs.

By the way, maybe you need to know that if you're using InProc, your sessions can be destroyed because IIS recycled application pool, or server got entirely restarted. And this isn't ending sessions, so the appropiate event and handler won't work in this scenario.

I repeat, if you need a better session management mode like ones I suggested you.


EDIT:

Check this page: http://aspalliance.com/520_Detecting_ASPNET_Session_Timeouts.2

You'll learn how to handle session timeouts better, since Session_End isn't called when a session expires, but when you call "Session.Abandon".

like image 96
Matías Fidemraizer Avatar answered Oct 28 '22 14:10

Matías Fidemraizer


The browser doesn't send a signal to the website when the visitor "navigates away" or "closes his browser". So asp.net (or any other server side technology) can't react to that to destroy a session.

That's why a session works with a timeout: if the user doesn't perform a request within the timeout period, then he is supposed to have abandoned the session, even when he was just reading that page for 20+ minutes.

like image 29
Hans Kesting Avatar answered Oct 28 '22 13:10

Hans Kesting