Session_end, User Identity and resource cleanup

Discussion in 'ASP .Net' started by Dan Walls, Apr 16, 2004.

  1. Dan Walls

    Dan Walls Guest

    Hi,

    I am looking to clean up some database locks whenever a user session ends. A
    user session ends whenever they:

    a. shut down the browser and the session times out after 20 mins (20 mins is
    the default)
    b. they click logout button and I call session.abandon()

    However a user session ID can be the same over multiple sessions if it is in
    the same browser instance apparently.

    How can I get user identity information in the session_end routine - as the
    HttpContext object is not available there. Neither is the Response object.

    Or alternatively - is there some serverside event that occurs when a user
    authentication expires or is logged out by a formsauthentication.signout --
    I guess I could free the resources there...

    Thanks,
    Dan.
    Dan Walls, Apr 16, 2004
    #1
    1. Advertising

  2. Hi, Dan,

    In the Session_End event handler you can still read from the Session
    collection - just store the ID of the user inside it when the user signs in.

    Hope this helps
    Martin
    "Dan Walls" <> wrote in message
    news:407f49c7$...
    > Hi,
    >
    > I am looking to clean up some database locks whenever a user session ends.

    A
    > user session ends whenever they:
    >
    > a. shut down the browser and the session times out after 20 mins (20 mins

    is
    > the default)
    > b. they click logout button and I call session.abandon()
    >
    > However a user session ID can be the same over multiple sessions if it is

    in
    > the same browser instance apparently.
    >
    > How can I get user identity information in the session_end routine - as

    the
    > HttpContext object is not available there. Neither is the Response object.
    >
    > Or alternatively - is there some serverside event that occurs when a user
    > authentication expires or is logged out by a

    formsauthentication.signout --
    > I guess I could free the resources there...
    >
    > Thanks,
    > Dan.
    >
    >
    Martin Dechev, Apr 16, 2004
    #2
    1. Advertising

  3. > b. they click logout button and I call session.abandon()
    You need to be extremely careful here. See this article:
    http://www.developersdex.com/gurus/articles/746.asp

    --
    Regards,
    Alvin Bruney [ASP.NET MVP]
    Got tidbits? Get it here...
    http://tinyurl.com/27cok
    "Dan Walls" <> wrote in message
    news:407f49c7$...
    > Hi,
    >
    > I am looking to clean up some database locks whenever a user session ends.
    > A
    > user session ends whenever they:
    >
    > a. shut down the browser and the session times out after 20 mins (20 mins
    > is
    > the default)
    > b. they click logout button and I call session.abandon()
    >
    > However a user session ID can be the same over multiple sessions if it is
    > in
    > the same browser instance apparently.
    >
    > How can I get user identity information in the session_end routine - as
    > the
    > HttpContext object is not available there. Neither is the Response object.
    >
    > Or alternatively - is there some serverside event that occurs when a user
    > authentication expires or is logged out by a
    > formsauthentication.signout --
    > I guess I could free the resources there...
    >
    > Thanks,
    > Dan.
    >
    >
    Alvin Bruney [MVP], Apr 16, 2004
    #3
  4. > In the Session_End event handler you can still read from the Session
    > collection - just store the ID of the user inside it when the user signs
    > in.


    No, this isn't guaranteed to work. Abandon is responsible for tearing down
    the session object before the session end event fires. You aren't guaranteed
    valid results using this approach.

    --
    Regards,
    Alvin Bruney [ASP.NET MVP]
    Got tidbits? Get it here...
    http://tinyurl.com/27cok
    "Martin Dechev" <> wrote in message
    news:...
    > Hi, Dan,
    >
    > In the Session_End event handler you can still read from the Session
    > collection - just store the ID of the user inside it when the user signs
    > in.
    >
    > Hope this helps
    > Martin
    > "Dan Walls" <> wrote in message
    > news:407f49c7$...
    >> Hi,
    >>
    >> I am looking to clean up some database locks whenever a user session
    >> ends.

    > A
    >> user session ends whenever they:
    >>
    >> a. shut down the browser and the session times out after 20 mins (20 mins

    > is
    >> the default)
    >> b. they click logout button and I call session.abandon()
    >>
    >> However a user session ID can be the same over multiple sessions if it is

    > in
    >> the same browser instance apparently.
    >>
    >> How can I get user identity information in the session_end routine - as

    > the
    >> HttpContext object is not available there. Neither is the Response
    >> object.
    >>
    >> Or alternatively - is there some serverside event that occurs when a user
    >> authentication expires or is logged out by a

    > formsauthentication.signout --
    >> I guess I could free the resources there...
    >>
    >> Thanks,
    >> Dan.
    >>
    >>

    >
    >
    Alvin Bruney [MVP], Apr 16, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Giovanni Bassi
    Replies:
    0
    Views:
    639
    Giovanni Bassi
    Oct 20, 2003
  2. nalbayo
    Replies:
    2
    Views:
    5,491
    Bruce Barker
    Nov 11, 2005
  3. Frederick D'hont
    Replies:
    0
    Views:
    306
    Frederick D'hont
    Jul 25, 2005
  4. Replies:
    6
    Views:
    448
  5. Jeffrey
    Replies:
    3
    Views:
    132
    Joe Kaplan
    Sep 27, 2007
Loading...

Share This Page