locked
Close a session on browser close RRS feed

  • Question

  • User1343581070 posted

    Hi,

           I am developing a shopping cart app in vs 2012 vb.net .  In web.config i have set sessiontimeout as 20 minutes. But if i close the browser after 10 minutes and reopen the browser before 20 minutes then the session is still active. I have seen several solutions but none seem to work. If i use onunload then that fires on page refresh also.

    Please help

    regards

    Sanjish

    Tuesday, April 25, 2017 7:52 AM

All replies

  • User753101303 posted

    Hi,

    What have you tried? An Ajax call might work but it is not always easy to distinguish between closing the last browser window on your site and unloading to go somewhere else.

    My personal preference would be to work with the web as it is ie provide a logout button to users.

    Tuesday, April 25, 2017 7:58 AM
  • User475983607 posted

    By default InProc Session ends when the browser is closed due to Session Id being stored in a non-persisted cookie.   Are you sure you the is a ASP Session issue?  Are you using a mode other than InProc?  Keep in mind that while it appears that InProc Session has ended on the client the server persists the data until the timeout fires.

    Maybe you really mean ASP forms authentication or ASP Identity?  If so, set the authentication token to not persist when authenticating.

    Otherwise explain what authentication or Session mode you are using and how the shopping cart is wired to the the authentication token or Session.

    Tuesday, April 25, 2017 11:14 AM
  • User1343581070 posted

    Hi,

           I am using "InProc" session mode with timeout of 20.  It is a simple shopping cart app and i am storing the cart products in a session variable. I want to dispose this session variable when the browser closes and trigger the session_end in global.asax

    Regards

    Sanjish

    Tuesday, April 25, 2017 12:58 PM
  • User-271186128 posted

    Hi SANJISH KUMAR,

    Please try to use beforeunload event.
    In the event you could call the ajax to clear session.
    For example:

    <script>
            $(document).ready(function () {
                window.addEventListener('beforeunload', recordeCloseTime);
            });
            function recordeCloseTime() {
                $.ajax({
                    type: "POST",
                    url: "WebService1.asmx/RecordCloseTime",
                });
            } 
    </script>
    

    Code in web service:

      [System.Web.Script.Services.ScriptService]
            public class ServiceToClearSession : System.Web.Services.WebService
            {
                [WebMethod(EnableSession = true)]
                public void RecordCloseTime()
                {
                    HttpContext.Current.Session.Clear();
                 
                }
            }
    

    You can refer to below link for more detail:

    https://code.msdn.microsoft.com/How-to-clear-session-when-660c1e6b

    Best regards,
    Dillion

    Wednesday, April 26, 2017 9:16 AM
  • User753101303 posted

    The problem is that finding that this is the last window that is closed is hard if even possible (starting anyway with just finding that a window is closing). AFAIK the closest is beforeunload which is to tell when a document is about to be unloaded (closing the window being just one of the many cases for which it could happen).

    Unless you have a single page application, IMHO properly handling this would require quite a lot of work (basically you would need to track all legitimate navigation cases and then what is left is closing the window) and would feel fragile.

    My personal preference is to avoid going against the web and keep things simple. Here I would provide users with a button to explicitely close their session (and dispose the cart),. Check perhaps how it is done on banking or other related sites.

    Wednesday, April 26, 2017 11:27 AM