Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Understanding ASP.Net session life time

I am confused about ASP or ASP.Net session life time (or life cycle) concepts. More specifically, my confusions are:

  1. How does IIS decide when a new session starts and an existing session ends? Especially how does IIS decide whether a session continues or ends when we call redirect code?
  2. How can we set session expire time? (Currently I only know to set it through web.config sessionState item.)
  3. Is it possible for one session to access another session's variables?
like image 978
George2 Avatar asked Jun 04 '09 15:06

George2


1 Answers

Session is generally handled by generating a unique identifier as a cookie on the clients machine. This is usually a session cookie, so you can't easily get to it. When you visit a site that uses sessions, it looks for this cookie. If it doesn't find it, it creates a new one, thus creating a new session.

One way to set the expire time is in the web.config, you can also set it in IIS by going to your website properties -> Home directory tab ->Configuration button -> Options Tab -> Session Timeout.

You will not be able to access someone elses session data.

like image 133
AaronS Avatar answered Sep 30 '22 21:09

AaronS