How can I prevent Sessions from ending just because the browser window is closed

  • Thread starter Christian Blackburn
  • Start date
C

Christian Blackburn

Hi Gang,

I would like to have my application retain sessions even after the user
closes their browser window, up unil the time the session is supposed
to time out. Right now if the user closes IE their session is
re-created. Is there any way around this?

Thanks,
Christian Blackburn
 
M

Marina Levit [MVP]

What do you mean by 're created'?

If the user closes the browser, nothing happens to their session. The
session will continue to be around until timeout.

I don't know what you mean by the session being recreated when the user
closes the browser.
 
M

Mark Rae

I would like to have my application retain sessions even after the user
closes their browser window, up unil the time the session is supposed
to time out.
Click to expand...

That's right.
Right now if the user closes IE their session is re-created.
Click to expand...

Of course it is. IIS has no means of knowing that a browser has been closed.
Is there any way around this?
Click to expand...

A way round what? This is standard behaviour.
 
C

Christian Blackburn

Hi Marina,

Thanks for your reply.
What do you mean by 're created'?
Click to expand...

When a user logs into my website, the site populates their session with
their access credentials. I then record that the user is logged in by
placing their session in the database (is deleted automatically when
their session times out via Global.asax). This is to prevent
simultaneous logins.

Once they close the browser window, even for two seconds if they go
right back and try to view the website a new session is assigned and
they're unable to log in, because as far as the website knows their
session is already in use.
I don't know what you mean by the session being recreated when the user
closes the browser.
Click to expand...

Once they go back to the page the website gives them a new session ID.


Thanks for your help,
Christian Blackburn
 
C

Christian Blackburn

Hi Mark,

Thanks for your reply.


Mark said:
That's right.
Click to expand...

That true the session is retained, but if they close their browser
within the 15 minute timeout period and go back to the site they'll
actually wind up with a different session entirely. That's exactly
what I don't want to happen.
Of course it is. IIS has no means of knowing that a browser has been closed.
Click to expand...

That's true IIS doesn't, but their cookie-based session should be
retained or at least there should be some setting I can enable to make
it so.
A way round what? This is standard behaviour.
Click to expand...

In my opinion standard behaviour and logical behaviour are often at
odds especially with buggy software.

Cheers,
Christian Blackburn
 
M

Mark Rae

In my opinion standard behaviour and logical behaviour are often at
odds especially with buggy software.
Click to expand...

I can't help that...

Imagine the scenario of an Internet Café...

User 1 fires up Internet Explorer, goes to your site (or HotMail or
whatever) and does what they need to do.

When they've finished, they close the browser, inadvertently forgetting to
click the Logout button.

User 2 takes the seat recently vacated by User 1, fires up Internet Explorer
and goes to your site.

How on earth can your site or ISS or anything else for that matter tell at
that moment whether User 1 is back having just made a quick visit to the
coffee machine and therefore connect to User 1's pervious session, or
whether User 2 has just connected and therefore create a new session?
 
Y

Yanesh Tyagi

You may set a cookie on the client machine. Also set a time out limit
(say 2 minutes). Now if a user closes the window, and get to your site
again, this cookie will give you the last session id and you can
manipulate your code accordingly.

Yanesh Tyagi
 
M

Mark Rae

You may set a cookie on the client machine. Also set a time out limit (say
2 minutes). Now if a user closes the window, and get to your site again,
this cookie will give you the last session id and you can manipulate your
code accordingly.
Click to expand...

And what if this is a shared public computer...?
 
C

Christian Blackburn

Hi Mark and Yanesh,

The way mark is describing it is correct. The timeout doesn't work
like that. It's a session cookie, that will timeout either when the
browser is closed or when the timeout ocurrs whichever is first.

Cheers,
Christian
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

How to effectively develop a web application from scratch? 0
ending sessions when browser is closed 2
Can I prevent the user from exiting a page? 2
end session when the browser window is closed. 8
How do I prevent new window from sharing session vars? 2
Exploring the open sessions, manually connecting one 0
Can I detect if there is more than one browser using the same session? 1
How can I make sure that Session_End is called when the user closes the browser? 6

Members online

Total: 40 (members: 1, guests: 39)
Robots: 655

Forum statistics

Threads
473,769
Messages
2,569,578
Members
45,052
Latest member
LucyCarper

Latest Threads

Top