Global.asax Session_End
in [CSharp]
|
From: GregoryJ on 7 Jan 2009 17:14 I'm trying to get my Session_End event to fire when my web application has lost focus or the web browser has been closed. From what I saw on a internet site it stated to set the following <sessionState mode="InProc"> </sessionState> Should having this set should make the Session_End event fire? I need to fire an event when the user either leaves my site or closes the browser so that if they return they have to login again. My Session_Start event fires, but not my Session_End. What must I do to make this fire when closing the browser? Thanks.
From: Mark Rae [MVP] on 7 Jan 2009 18:13 "GregoryJ" <GregoryJ(a)discussions.microsoft.com> wrote in message news:6FC0B4DE-0550-4081-B8EA-86593774B9D4(a)microsoft.com... > I'm trying to get my Session_End event to fire when my web application has > lost focus or the web browser has been closed. From what I saw on a > internet > site it stated to set the following > > <sessionState > mode="InProc"> > </sessionState> Firstly, you're in the wrong newsgroup - for ASP.NET questions, please post in: microsoft.public.dotnet.framework.aspnet > Should having this set should make the Session_End event fire? No it shouldn't - this is one of the most common misconceptions about the disconnected architecture of web applications. Session_End fires when the Session_Ends. Closing the browser, or navigating to another site, does *NOT* cause the session to end. Simplistically, the web works like this: 1) A web server receives an HttpRequest from a web client. 2) The web server processes that HttpRequest and streams back an HttpResponse. 3) The web client receives that HttpResponse and renders it in the browser. That's it. There is no permanent connection between the web server and the web client. The web server has absolutely no knowledge of what happens on the web client until / unless it receives a further HttpRequest from it. If the browser navigates to another site, or is closed, the webserver has absolutely no knowledge of this - how could it...? > I need to fire an event when the user either leaves my site or closes the > browser so that if they return they have to login again. My Session_Start > event fires, but not my Session_End. Over the years, people have tried to come up with all sorts of convoluted mechanisms for this: http://www.google.co.uk/search?sourceid=navclient&hl=en-GB&ie=UTF-8&rlz=1T4GPTB_en-GBGB298GB298&q=Session_End+close+browser None of them works... > What must I do to make this fire when closing the browser? You can't - that's not how web applications work... -- Mark Rae ASP.NET MVP http://www.markrae.net
From: GregoryJ on 7 Jan 2009 18:28 Thanks for giving me this oversight even though I am in the wrong newsgroup. What you say makes sense. Basically, I am evaluating the Session's state when I load my pages using a Cookie that holds some session related information. Although I'm in the wrong place, can I ask one question about the Cookie.Expires method. If I set the Cookie to expire in 20 minutes, what would be the best approach to keeping the session from expiring while someone is working in the application. My thought is that I'm going to reset the Expire minutes everytime a new page or transaction takes place. Good idea or bad? Thanks again for your insight and time. "Mark Rae [MVP]" wrote: > "GregoryJ" <GregoryJ(a)discussions.microsoft.com> wrote in message > news:6FC0B4DE-0550-4081-B8EA-86593774B9D4(a)microsoft.com... > > > I'm trying to get my Session_End event to fire when my web application has > > lost focus or the web browser has been closed. From what I saw on a > > internet > > site it stated to set the following > > > > <sessionState > > mode="InProc"> > > </sessionState> > > Firstly, you're in the wrong newsgroup - for ASP.NET questions, please post > in: microsoft.public.dotnet.framework.aspnet > > > Should having this set should make the Session_End event fire? > > No it shouldn't - this is one of the most common misconceptions about the > disconnected architecture of web applications. Session_End fires when the > Session_Ends. Closing the browser, or navigating to another site, does *NOT* > cause the session to end. > > Simplistically, the web works like this: > > 1) A web server receives an HttpRequest from a web client. > > 2) The web server processes that HttpRequest and streams back an > HttpResponse. > > 3) The web client receives that HttpResponse and renders it in the browser. > > That's it. There is no permanent connection between the web server and the > web client. The web server has absolutely no knowledge of what happens on > the web client until / unless it receives a further HttpRequest from it. If > the browser navigates to another site, or is closed, the webserver has > absolutely no knowledge of this - how could it...? > > > I need to fire an event when the user either leaves my site or closes the > > browser so that if they return they have to login again. My Session_Start > > event fires, but not my Session_End. > > Over the years, people have tried to come up with all sorts of convoluted > mechanisms for this: > http://www.google.co.uk/search?sourceid=navclient&hl=en-GB&ie=UTF-8&rlz=1T4GPTB_en-GBGB298GB298&q=Session_End+close+browser > None of them works... > > > What must I do to make this fire when closing the browser? > > You can't - that's not how web applications work... > > > -- > Mark Rae > ASP.NET MVP > http://www.markrae.net > >
From: Mark Rae [MVP] on 7 Jan 2009 18:57 "GregoryJ" <GregoryJ(a)discussions.microsoft.com> wrote in message news:17C06520-9457-4D0F-A4F3-A4B883AAFE94(a)microsoft.com... [please don't top-post] >>> Should having this set should make the Session_End event fire? >> >> No it shouldn't - this is one of the most common misconceptions about the >> disconnected architecture of web applications. Session_End fires when the >> Session_Ends. Closing the browser, or navigating to another site, does >> *NOT* >> cause the session to end. >>> What must I do to make this fire when closing the browser? >> >> You can't - that's not how web applications work... > Basically, I am evaluating the Session's state when I load my pages using > a > Cookie that holds some session related information. That won't tell you when someone closes their browser or navigates to another site... > Although I'm in the wrong place This topic is wholly inappropriate for a C# newsgroup. If you want to pursue it, please post in microsoft.public.dotnet.framework.aspnet where I will pick it up... -- Mark Rae ASP.NET MVP http://www.markrae.net
From: Göran Andersson on 7 Jan 2009 19:43 GregoryJ wrote: > Thanks for giving me this oversight even though I am in the wrong newsgroup. > What you say makes sense. > > Basically, I am evaluating the Session's state when I load my pages using a > Cookie that holds some session related information. > > Although I'm in the wrong place, can I ask one question about the > Cookie.Expires method. If I set the Cookie to expire in 20 minutes, Cookies with such a short expiration date doesn't work well. If the user is in a different time zone, the cookie will either last for hours or expire immediately. > what > would be the best approach to keeping the session from expiring while someone > is working in the application. My thought is that I'm going to reset the > Expire minutes everytime a new page or transaction takes place. Good idea or > bad? Bad idea. Don't use the cookie expiration to keep track of the session timeout. Store the last request time in the cookie and set the expiration date to at least a day from now. -- Göran Andersson _____ http://www.guffa.com
|
Pages: 1 Prev: creating dynamic variables at run time Next: Alt-F4 But.... |