ASP.NET Session Timeout?

Take a look at the Session_End() method in global.asax. The global. Asax file should already be wired to call this method when the session ends.

You can just put your code in there however you'd like Sub Session_End(ByVal sender As Object, ByVal e As EventArgs) ' Fires when the session ends End Sub Of course, you should note that the session is entirely a server-side thing. It'll only end after X minutes of inactivity (20 minutes is the default). It will not end the instant the user closes the window.ASP.NET has no knowledge of a user closing a window or leaving your page And in fact, it's tricky to try to perform any immediate action on the server-side when this happens.

I mean, it's easy to call window. Onbeforeunload in Javascript and bring up a confirm box before the user closes the window. But when you try to send a packet to the server immediately before the window actually closes, I think you'll find that it becomes a difficult task to make this all user-friendly.

You could write some Javascript that sends a message to the server using AJAX which notifies the server that the user is closing their browser, and then use more Javascript to close the browser after that message has been sent. But then the user will get the annoying message (in most browsers) stating that a script is trying to close the window. This will look very amateur-ish to the user and may make them think twice about coming back So if you're willing to put up with a delay, I'd just avoid this whole Javascript mess entirely and rely on a pure server-side solution using Session_End().

After all, if a user closes the window or leaves, ASP. NET will eventually notice because the session will timeout.

Take a look at the Session_End() method in global.asax. The global. Asax file should already be wired to call this method when the session ends.

You can just put your code in there however you'd like. Sub Session_End(ByVal sender As Object, ByVal e As EventArgs) ' Fires when the session ends End Sub Of course, you should note that the session is entirely a server-side thing. It'll only end after X minutes of inactivity (20 minutes is the default).

It will not end the instant the user closes the window. ASP. NET has no knowledge of a user closing a window or leaving your page.

And in fact, it's tricky to try to perform any immediate action on the server-side when this happens. I mean, it's easy to call window. Onbeforeunload in Javascript and bring up a confirm box before the user closes the window.

But when you try to send a packet to the server immediately before the window actually closes, I think you'll find that it becomes a difficult task to make this all user-friendly. You could write some Javascript that sends a message to the server using AJAX which notifies the server that the user is closing their browser, and then use more Javascript to close the browser after that message has been sent. But then the user will get the annoying message (in most browsers) stating that a script is trying to close the window.

This will look very amateur-ish to the user and may make them think twice about coming back. So if you're willing to put up with a delay, I'd just avoid this whole Javascript mess entirely and rely on a pure server-side solution using Session_End(). After all, if a user closes the window or leaves, ASP.NET will eventually notice because the session will timeout.

1 However, you should be aware that not all Session State Providers support the Session_End event. InProc session state should be fine, but for others you'll need to check the provider documentation before you rely on this event. – Joel Mueller Sep 11 '09 at 22:34 Good point.

I don't believe it'll work for StateServer or SQLServer sessions. – Steve Wortham Sep 11 '09 at 22:35 fyi - my javascript comment was in response to david's comment that it's hard and ugly 'to pop up a message reminding a user to save before they leave the page' - it isn't. I wasn't suggesting it as a solution for handling session_end.

That would be mental. – flesh Sep 11 '09 at 23:19 Thanks, I was aware of global Session_End function, I just wasn't sure it is working with timeouts and holds variables of expired session. JavaScript solution is very ugly, indeed.

– negative Sep 11 '09 at 7:17.

Session_end will handle the session time out issue. However, this will not fire when the user closes the browser or moves to a different URL. It waits until the session timeout expires.In order to detect the other conditions, you'll have to use javascript on the client.

However, these methods aren't always reliable depending on the browser/version, etc. Also if the user's computer shuts down, is unplugged, or they otherwise completely go away this script won't fire. You might consider other alternatives. What exactly are you trying to accomplish with this function?

The web is stateless so you're not going to know whether the user has closed the browser window. You can use the 'Session_End' event in the global. Asax file for session timeouts.

If you want access to all sessions, you can store them in a collection via the 'Session_Start' event, also in the global file .. Edit: If you want to intercept the close event of a page using javascript, here's how (note, this is unreliable): window. Onbeforeunload = closeIt; function closeIt(){ return "You have unsaved changes. Are you sure you want to leave this page?"; }.

1 It is important to remember a web site is NOT a windows program. For example it is very difficult to pop up a message reminding a user to save before they leave the page. It is possible, but not easy and typcially very ugly.

– David Basarab Sep 11 '09 at 21:47 David - no it isn't difficult and it's only as ugly as a windows dialog. – flesh Sep 11 '09 at 21:56 I think it is ugly because you can't control the way the message box looks. For instance in windows you can at least style it to look the same.

You could have a great looking site then here is the ugly message box. – David Basarab Sep 11 '09 at 23:53 I agree it would be nice to have the ability to style it the dialog, but Stackoverflow uses it, and it never offends me, it's so common as to be transparent to most users .. – flesh Sep 11 '09 at 8:25.

You could have a basepage which is inherited by every aspx page & in your base page init event just check for a session variable for nothing. If it is nothing then it means session has expired and you can redirect user to a login page.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.