locked
Clear Session Varible RRS feed

  • Question

  • User705563967 posted

    Hi,

    I am using asp.net state server for mainting the session state aslo my application used single sign on for Authentication.I want to clear session variable when user close the browser or redirect to another site .

    Second I want to audit when user logout the application.I put my code in global.asax  on Session_end or Applicaiton_end but its not firing when I change the session management to "Inproc" is firing the event but I want to used state server.

    Monday, January 24, 2011 6:43 AM

Answers

  • User616745175 posted

    Hi,

    try these

    Remove Session Variable
    ==============================
    HttpSessionState.Remove()

    Explicitly kill a user's session
    ==============================
    Session. Abandon

    Turn off the Session state for a webform
    ============================================================
    Set the EnableSession state to false in webform properties window


    Using Script u can rediredirect to the SignOut page:

    function CloseSession( )
    {
        location
    .href = 'SignOut.aspx';
    }
    window
    .onbeforeunload = CloseSession;

    or

    function window_onunload()

    {

    window.open("/SignOut.aspx", "clearsession",

    "height=100,width=100,status=no,toolbar=no,menubar =no,location=no");

    }

    u can also use

    HttpContext.Current.Session.Clear()

    System.Web.Security.FormsAuthentication.SignOut()

    Using  authentication

    <authentication mode="Forms">
    <forms
    name="TicketCookie"
    loginUrl="Login.aspx"
    defaultUrl="Default.aspx"
    protection="All"
    timeout="20"
    path="/"
    slidingExpiration="true"
    cookieless="UseCookies"
    requireSSL="false">
    </forms>
    </authentication>


    <authorization>
          <deny users="?"/>
        </authorization>

    Refer these forum for global.asax:
    http://forums.asp.net/p/1626987/4184593.aspx

    hope it works..

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, January 24, 2011 8:03 AM

All replies

  • User1637850196 posted

    Session.Abandon()


    This should help you,

    Cheers!

    Monday, January 24, 2011 7:01 AM
  • User-134105967 posted

    Hi;

       You must use Session.Abandon(); and also set the values of session variables that you have set in the login time to null or zero, what ever it is worthless. This will ensure more security for your application.

    Monday, January 24, 2011 7:09 AM
  • User590655761 posted

    a

    You could use Session.RemoveAll() function to remove all the variables in the session or Session.Remove("VariableName") to remove specific variable.

    If you want to end whole Session Then You Can use Seesion.Abendon() .


    Monday, January 24, 2011 7:31 AM
  • User616745175 posted

    Hi,

    try these

    Remove Session Variable
    ==============================
    HttpSessionState.Remove()

    Explicitly kill a user's session
    ==============================
    Session. Abandon

    Turn off the Session state for a webform
    ============================================================
    Set the EnableSession state to false in webform properties window


    Using Script u can rediredirect to the SignOut page:

    function CloseSession( )
    {
        location
    .href = 'SignOut.aspx';
    }
    window
    .onbeforeunload = CloseSession;

    or

    function window_onunload()

    {

    window.open("/SignOut.aspx", "clearsession",

    "height=100,width=100,status=no,toolbar=no,menubar =no,location=no");

    }

    u can also use

    HttpContext.Current.Session.Clear()

    System.Web.Security.FormsAuthentication.SignOut()

    Using  authentication

    <authentication mode="Forms">
    <forms
    name="TicketCookie"
    loginUrl="Login.aspx"
    defaultUrl="Default.aspx"
    protection="All"
    timeout="20"
    path="/"
    slidingExpiration="true"
    cookieless="UseCookies"
    requireSSL="false">
    </forms>
    </authentication>


    <authorization>
          <deny users="?"/>
        </authorization>

    Refer these forum for global.asax:
    http://forums.asp.net/p/1626987/4184593.aspx

    hope it works..

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, January 24, 2011 8:03 AM
  • User616745175 posted

    HI,

    Which Solution worked out in ur Strategy..

    Wat was the Answer to ur Post?



    Thursday, January 27, 2011 1:02 AM