Session expired after browser closed
Hi all,
I'm having a problem with the session after the browser is closed. When the browser is (completely) closed, I always need to login in again on my own website. I don't need to login if only one tab is closed.
So for example:
Situation 1:
- Open a browsers
- Open a second tab, open my site (and login).
- Close second tab and reopen my site (no login needed)
Situation 2:
- Open a browser.
- Open a second tab, open my site (and login).
- Close all tabs and browser completely. When I now open my site again, I have to login.
I'm use State Server to maintain the session state. I tested the same with 'In Process', but has the same result.
Any idea what is causing this and how to solve? When I google for this, I can only find people who are trying to expire the session on browser close. That's completely the other way around. Am I missing something?
Thanks,
Danny
Re: Session expired after browser closed
It depends on where your site is storing the login info..
If it's using a per-session cookie .. the session info is lost when the browser is closed (per-session cookies are kept in memory and not disk)
if it's using persistent cookies, then the info is stored to disk, and available on startup of the browser..
Re: Session expired after browser closed
I'm using the defaults of ASP.NET. I guess this is per-session cookie..
Is there any kind of setting to use persistent cookies? Or do I need to write the session id into the correct cookie each request?
Re: Session expired after browser closed
have a look at this MSDN entry
Re: Session expired after browser closed
I don't understand a few things:
Quote:
The SessionID property is used to uniquely identify a browser with session data on the server. The SessionID value is randomly generated by ASP.NET and stored in a non-expiring session cookie in the browser
Non-expiring? It does expire right?!
Quote:
When using cookie-based session state, ASP.NET does not allocate storage for session data until the Session object is used. As a result, a new session ID is generated for each page request until the session object is accessed.
I use the session object on every page request, and still I receive a new session id on each request.
Re: Session expired after browser closed
Quote:
Originally Posted by
dannystommen
Non-expiring? It does expire right?!
Right and Wrong ... It does not expire for as long as the browser stays open, It the browser app stays open and runs for 10 years, the Session cookie would not have expired.
Quote:
Originally Posted by
dannystommen
I use the session object on every page request, and still I receive a new session id on each request.
Are you calling the original Session Object or creating a new one????
Re: Session expired after browser closed
Quote:
Originally Posted by
GremlinSA
Are you calling the original Session Object or creating a new one????
Don't know actually.. I'm simply using Session["user"] = ...
Re: Session expired after browser closed
Quote:
Originally Posted by
dannystommen
Don't know actually.. I'm simply using Session["user"] = ...
I suggest you check....
And the 'Code Snip' you gave helps nothing to help determine if you are or aren't .....
Re: Session expired after browser closed
I didn't know that there's a difference between using the original Session object or creating a new one. That's why I said "don't know actually", so I have also no idea how to check this either.
As mentioned before, in the OnInit event of each page request I do the following
Code:
if (Session["user"] == null)
{
Response.Redirect("/login.aspx");
}
In the login page:
Code:
..
Session["user"] = loggedInUser;
I guess that I'm using the original Session object, right?
Re: Session expired after browser closed
Quote:
Originally Posted by
dannystommen
I didn't know that there's a difference between using the original Session object or creating a new one. That's why I said "don't know actually", so I have also no idea how to check this either.
As mentioned before, in the OnInit event of each page request I do the following
Code:
if (Session["user"] == null)
{
Response.Redirect("/login.aspx");
}
In the login page:
Code:
..
Session["user"] = loggedInUser;
I guess that I'm using the original Session object, right?
http://csharpdotnetfreak.blogspot.co...-redirect.html
This may be helpful. Let me know.
Regards,
Quinn
Re: Session expired after browser closed
Quinn, I don't see want your article tries to explain.
I've created a workaround I found somewhere, and seems to work just fine
Code:
protected override void OnPreInit(EventArgs e) {
base.OnPreInit(e);
//make session cookie 'persistant', otherwise it will expire on browser close
if (Session != null) {
//create cookie with session id name
HttpCookie cookie = new HttpCookie("ASP.NET_SessionId");
//add the session id
cookie.Value = Session.SessionID;
//set expire to 12 hours
cookie.Expires = DateTime.Now.AddHours(12);
//add the cookie to the response
Response.Cookies.Add(cookie);
}
}
