G
Goofy
Does anyone know how I can kill a session by session ID ?
Manish Bafna said:Hi,
I have read that unless you have configured to use cookieless session,the
ASP.NET by default uses cookies to maintain sessions.In fact cookie with
name
of sessionid is created on hard disk.So if we delete this cookie i think
we
would be able to abandon session by sessionid.Find below MSDN
Documentation
on how to delete cookie from user's machine:
Deleting a cookie-physically removing it from the user's hard disk-is a
variation on modifying it. You cannot directly remove a cookie because the
cookie is on the user's computer. However, you can have the browser delete
the cookie for you. The technique is to create a new cookie with the same
name as the cookie to be deleted, but to set the cookie's expiration to a
date earlier than today. When the browser checks the cookie's expiration,
the
browser will discard the now-outdated cookie. The following code example
shows one way to delete all the cookies available to the application:
C# Copy Code
HttpCookie aCookie;
string cookieName;
int limit = Request.Cookies.Count;
for (int i=0; i<limit; i++)
{
cookieName = Request.Cookies.Name;
aCookie = new HttpCookie(cookieName);
aCookie.Expires = DateTime.Now.AddDays(-1);
Response.Cookies.Add(aCookie);
}
Thanks and Regards,
Manish Bafna.
MCP and MCTS
Goofy said:Does anyone know how I can kill a session by session ID ?
Yes, I understand this. The problem I have is when users who close and
reopen the application several times and each time they generate new
sessions and consume resources.
What really need is to invoke something like to be run from session
start. Note Each time I start a session I log the username and session ID
in a table. Each time the session ends I delete the record for that user /
session ID. So on session start
If CheckSessionDatabaseRecordExists( Session("userName")
,Session("sessionID") ) then
'//This is what I need
Session.kill(SessionID)
'//
Robbe Morris said:If you use this product to manage session (the license may be free
if you only have one server), you can definitely do this.
It supports in memory session access from within or
outside the individual session. You can also share session
in memory across servers on a farm and application domains.
It basically gives you way to create a unique key and reference
what is stored under that key from any app on any server
regardless of application domain.
http://www.eggheadcafe.com/articles/scaleout_server.asp
--
Robbe Morris - 2004-2006 Microsoft MVP C#
I've mapped the database to .NET class properties and methods to
implement an multi-layered object oriented environment for your
data access layer. Thus, you should rarely ever have to type the words
SqlCommand, SqlDataAdapter, or SqlConnection again.
http://www.eggheadcafe.com/articles/adonet_source_code_generator.asp
It would be tidier though if you could kill the old sessions to preserve
resources. Its perhaps not so important in small applications, but when
there are hundreds of users on line, this could lead to problems.
I dont think option (2) will go down too well,
so initially I think option (3) is the quick and easy answer
as option (4) may have its own inherent problems.
I've heard of strange things happening when state is not managed inproc.
(not saying it cant work )
Like what...?
Like Session_End not firing... ?
Yes indeed, but that's by design, not strange or unexpected...
re:
heh, heh...
I find some "by design" behaviors quite strange.
;-)
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.