CODEWITHSUNDEEP
asp.netsession-variables
Jenda Matejicek
Jenda Matejicek

Reputation: 151

ASP.Net - What happend after session timeout expires

I'm a newbie in ASP.Net and I have a basic question. I tried to find answer it but I failed.

I use session variable for carry the logged user ID through pages in my web app.

 if (Session["LoggedUserKey"] == null)
 {
     Session.Add("LoggedUserKey", UserID);
 }
 else
 {
     Session["LoggedUserKey"] = UserID;
 }

I am not sure what will happen after session timeout expires? Will I lose my user ID? And will be the session timeout extended when I'll ask about the session variable like:

protected void Page_Load(object sender, EventArgs e)
{
    if (Session["LoggedUserKey"] == null)
    {
         Response.Redirect("~/Login.aspx");
         return;
    }
}

Upvotes: 0

Views: 6401

Answers (3)

SamuraiJack
SamuraiJack

Reputation: 5539

You are checking whether LoggedUserkey is null or not .. if it is you are adding UserId which you probably must be getting from a TextBox to LoggedUserkey . What is the purpose of else part? When LoggedUserkey already has UserId or then why are you adding UserId again? You have already lost the UserId the moment session expired.

The second code makes sense.. Once your session expires. (after 20 mins by default) On page Load if Session["LoggedUserKey"] == null then you are redirecting user to Login.aspx page.

Also note that the timeout session is reset every time you interact with the server. Such as refreshing a page or any activity that interacts with server.

Upvotes: 3

R.C
R.C

Reputation: 10565

When the session expires, or session timeout occurs, the Session_End event in global.asax is raised (except when session is handled by the DB) and the session collection is finally cleared.

If any objects are NOT holding a reference to any of values in the session collection, then GC will collect it. However Not much can be said about when exactly will the GC remove those objects.

Also, regarding the session time out extended or Not, The timeout says current number of minutes that must elapse before the current session will be abandoned, provided that no more requests are received from the client. This value can be changed programmatically, giving you the chance to make the session collection remain for longer term when required for more important operations.

So, conclusion is that session does gets extended when users performs some activity before the timeout period. If users do some activity after timeout period, session will definitely expire and users will be redirected to login page or appropriate next steps will occur depending on your setup.

Upvotes: 2

Vikas Rana
Vikas Rana

Reputation: 1999

Your session has expired when session timeout you can extand the session time out in web.config as

<sessionState timeout="60"></sessionState>

then session will expire in 60 minutes you can give your custom time in this .you simply can not get the userid when session expire. for example the bannking sites where session timeoutt is only few minutes. after these you have to start a new session if you dont send any request to the server in time less them session timeout

Upvotes: 1

Related Questions