Kill And ASP.NET Session

G

Goofy

Yes, I understand this. The problem I have is when users who close and
reopen the application several times and each time they generate new
sessions and consume resources.

What really need is to invoke something like to be run from session start.
Note Each time I start a session I log the username and session ID in a
table. Each time the session ends I delete the record for that user /
session ID. So on session start

If CheckSessionDatabaseRecordExists( Session("userName")
,Session("sessionID") ) then
DeleteSessionDatabaseRecord(Session("userName"),Session("sessionID")

'//This is what I need
Session.kill(SessionID)
'//

End if

this would fire the session end event for that particular session and
release its state storage etc.

Cheers



Manish Bafna said:
Hi,
I have read that unless you have configured to use cookieless session,the
ASP.NET by default uses cookies to maintain sessions.In fact cookie with
name
of sessionid is created on hard disk.So if we delete this cookie i think
we
would be able to abandon session by sessionid.Find below MSDN
Documentation
on how to delete cookie from user's machine:
Deleting a cookie-physically removing it from the user's hard disk-is a
variation on modifying it. You cannot directly remove a cookie because the
cookie is on the user's computer. However, you can have the browser delete
the cookie for you. The technique is to create a new cookie with the same
name as the cookie to be deleted, but to set the cookie's expiration to a
date earlier than today. When the browser checks the cookie's expiration,
the
browser will discard the now-outdated cookie. The following code example
shows one way to delete all the cookies available to the application:



C# Copy Code
HttpCookie aCookie;
string cookieName;
int limit = Request.Cookies.Count;
for (int i=0; i<limit; i++)
{
cookieName = Request.Cookies.Name;
aCookie = new HttpCookie(cookieName);
aCookie.Expires = DateTime.Now.AddDays(-1);
Response.Cookies.Add(aCookie);
}

Thanks and Regards,
Manish Bafna.
MCP and MCTS

Goofy said:
Does anyone know how I can kill a session by session ID ?
 
M

Mark Rae

Yes, I understand this. The problem I have is when users who close and
reopen the application several times and each time they generate new
sessions and consume resources.

Yes, that's right - this behaviour is by design - hack about with it at your
peril...!
What really need is to invoke something like to be run from session
start. Note Each time I start a session I log the username and session ID
in a table. Each time the session ends I delete the record for that user /
session ID. So on session start

If CheckSessionDatabaseRecordExists( Session("userName")
,Session("sessionID") ) then

As you correctly state above, closing and re-opening the application
generates a *new* session. As a *new* session will have a *new* SessionID
(OK, this isn't absolutely always the case in every single scenario, but it
almost always is), surely the above code will (almost) never return True
because the new session will (almost) always have a new SessionID...?
'//This is what I need
Session.kill(SessionID)
'//

Every single method of the Session object operates on the *current*
session - there is no mechanism for passing in a SessionID...
http://msdn2.microsoft.com/en-gb/library/ms524319.aspx
 
J

Juan T. Llibre

If you mean from outside the session itself ( like in another application ), you can't.

If from within the same session : Session.Abandon
 
G

Goofy

In my scenario, each time a user gets a new session, they get a record in
the whosOn table which records the time, userName and session ID.

So they access the application, close the window and access the application
again before the first session times out two sessions would be recorded in
whosOn. My mistake on the function, it should have read.

If CheckSessionDatabaseRecordExists( Session("userName") Then

eithe kill the session for that record or simply delete it from the
database

End If

Now created the new record.

The approach I have taken in light of what you say and what I have read, is
that I simply delete the previous records with the same username before
creating a new one. When the old sessions time out there will be nothing for
them to delete.

It would be tidier though if you could kill the old sessions to preserve
resources. Its perhaps not so important in small applications, but when
there are hundreds of users on line, this could lead to problems.

Thanks for your input though.
 
R

Robbe Morris [C# MVP]

If you use this product to manage session (the license may be free
if you only have one server), you can definitely do this.

It supports in memory session access from within or
outside the individual session. You can also share session
in memory across servers on a farm and application domains.

It basically gives you way to create a unique key and reference
what is stored under that key from any app on any server
regardless of application domain.

http://www.eggheadcafe.com/articles/scaleout_server.asp

--
Robbe Morris - 2004-2006 Microsoft MVP C#
I've mapped the database to .NET class properties and methods to
implement an multi-layered object oriented environment for your
data access layer. Thus, you should rarely ever have to type the words
SqlCommand, SqlDataAdapter, or SqlConnection again.
http://www.eggheadcafe.com/articles/adonet_source_code_generator.asp
 
G

Goofy

I'll take a look, thanks for your help.



Robbe Morris said:
If you use this product to manage session (the license may be free
if you only have one server), you can definitely do this.

It supports in memory session access from within or
outside the individual session. You can also share session
in memory across servers on a farm and application domains.

It basically gives you way to create a unique key and reference
what is stored under that key from any app on any server
regardless of application domain.

http://www.eggheadcafe.com/articles/scaleout_server.asp

--
Robbe Morris - 2004-2006 Microsoft MVP C#
I've mapped the database to .NET class properties and methods to
implement an multi-layered object oriented environment for your
data access layer. Thus, you should rarely ever have to type the words
SqlCommand, SqlDataAdapter, or SqlConnection again.
http://www.eggheadcafe.com/articles/adonet_source_code_generator.asp
 
M

Mark Rae

It would be tidier though if you could kill the old sessions to preserve
resources. Its perhaps not so important in small applications, but when
there are hundreds of users on line, this could lead to problems.

Several options, then:

1) Make the sessions as small as possible

2) Reduce the Session.Timeout from its default of 20 minutes

3) Add more memory to your webserver

4) Use SQL Server to manage state instead of InProc
 
G

Goofy

I dont think option (2) will go down too well, so initially I think option
(3) is the quick and easy answer as option (4) may have its own inherent
problems.

I've heard of strange things happening when state is not managed inproc.
(not saying it cant work ), but no point in adding extra risk if I can avoid
it.

Thanks for your help.
 
M

Mark Rae

I dont think option (2) will go down too well,

You might be pleasantly surprised, in fact...
so initially I think option (3) is the quick and easy answer

Well, it's certainly quick and easy - if you are maxed out on your server's
RAM capacity, you could always look at throwing more hardware at the problem
by getting more servers and using NLBS...
as option (4) may have its own inherent problems.

Such as...?
I've heard of strange things happening when state is not managed inproc.

Like what...?
(not saying it cant work )

Well, obviously it *can* work otherwise it wouldn't be there...
 
M

Mark Rae

re:

heh, heh...

I find some "by design" behaviors quite strange.

;-)

Ah yes, but that's a different argument... :)

E.g. why doesn't HttpWebRequest implement IDisposable...? Did they just
forget...?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,902
Latest member
Elena68X5

Latest Threads

Top