Points related to Session_End event

Important points related to Session_End event:


1. While thinking of Session_End event one of the most important things is that the event is supported only when the session is maintained Inproc. The session_End event will not fire if you are using State server or SQL server.

2. Another important point to note is that Session_End event is fired by a worker process. This also means that Session_End event might not have all the permission that a normal page request has. So if you are trying to connect to the SQL server with Windows account, Session_End event might not have required permission, although you can connect to the SQL in Session_Start event.

3. Session_End will fire after a given amount of time where session has been inactive. The given time can be changed globally in the web.config file with the time out attribute or for individual session with the help of Session.Timeout property.

4. Session_End will also fire when someone calls the Session.Abondon method. Note that the Session_End event will not fire immediately. As said before the Session_End event is fired from worker process. Hence the session ID will also be same.

5. Remember the Session_End event will not fire in case the user closes the browser. HTTP is a stateless protocol. There is no way for the server to understand that the browser has been closed.

6. Also another very important thing to note here is that if you do not save anything in the session the Session_End event will not fire. There must be something saved in the session atleast once for the Session_End event to fire. This also means that if you save something in the session in the first request and abandon the session in the same request the Sesison_End event will not fire, as there was nothing saved in the session ever.


7. Response.Redirect cannot be used in Session_End event.

Comments

Post a Comment

Popular posts from this blog

Data Bound Controls in ASP.Net - Part 4 (FormView and DetailsView controls)

FormView The FormView control is used to display a single record from a data source. It is similar to the DetailsView control, except it displays user-defined templates instead of row fields. Creating your own templates gives you greater flexibility in controlling how the data is displayed. The FormView control supports the following features: ·          Binding to data source controls, such as SqlDataSource and ObjectDataSource. ·          Built-in inserting, updating and deleting capabilities. ·          Built-in paging capabilities. ·          Programmatic access to the FormView object model to dynamically set properties, handle events, and so on. ·          Customizable appearance through user-defined templates, themes, and styles. Templates For the FormView control ...
Read more

JavaScript - ES2015 (aka ES6)

The ES2015 Since this long time passed between ES5.1 and ES6, the release is full of important new features and major changes in suggested best practices in developing JavaScript programs. To understand how fundamental ES2015 is, just keep in mind that with this version, the specification document went from 250 pages to ~600. In this blog, we describe the most important changes. Arrow Functions A new  this   scope Promises Generators let   and  const Classes Constructor Super Getters and setters Modules Importing modules Exporting modules Template Literals Default parameters The spread operator Destructuring assignments Enhanced Object Literals Simpler syntax to include variables Prototype super() Dynamic properties For-of loop Map and Set New String methods New Object methods Arrow functions Arrow functions since their introduction changed how most JavaScript code looks (and works). Visually, it’s a simple and welcome ...
Read more

The Clickjacking attack and X-Frame-Options

Clickjacking  Clickjacking is a type of “web framing” or “UI redressing” attack. What that simply means in practice is that: 1. A user (victim) is shown an innocuous, but enticing web page (think watch online video) 2. Another web page (that generally does something important – think add friends on social network) is layered on top of the first page and set to be transparent 3. When the user thinks they are clicking on the web page they see (video), they are actually clicking on the higher layered (framed) page that is transparent There are two main ways to prevent clickjacking: 1.     Sending the proper X-Frame-Options HTTP response headers that instruct the browser to not allow framing from other domains 2.     Employing defensive code in the UI to ensure that the current frame is the most top level window Using X-Frame-Options X-Frame-Options  originally invented by Microsoft for IE8, but supported by a number ...
Read more