How to Handle Session End in Global.Asax

Session_OnEnd in Global.asax redirect to controller action MVC ASP.NET

You can't do this. Session_End could be fired without an actual HTTP context. The user might have even closed his browser long before this event gets fired so there is nowhere to redirect to. The Request and Response objects are not available.

But you can create custom ActionFilter for handling this issue.

Redirect at Session Timeout in Global.asax in mvc4

Detecting Session expiry on ASP.NET MVC

Detecting Session Timeouts using a ASP.Net MVC Action Filter

asp.net values of Session variables in Session_End event

It is 100.

To test it yourself simply add the ASP.NET application file global.asax to your project and handle the Session_Start end Session-End events:

void Session_Start(object sender, EventArgs e)
{
   Session["Int"] = 100;          // 100
}

void Session_End(object sender, EventArgs e)
{
    object objInt = Session["Int"];  // it is still 100 here
}

You can end a Session by Session.Abandon() (or when it expires).

protected void Page_Load(object sender, EventArgs e)
{
    Session.Abandon();  // after this Session.End is called
}

How to trigger a method when session ends in c#

You can call it in Session_End method in global.asax.

void Session_End(Object sender, EventArgs E) 
{
    // Call your method  
}

ASP.NET global.asax end_session (session never end)

Response.Redirect(Request.RawUrl);

Will end your respones, it is the same as calling:

Response.Redirect(Request.RawUrl, true);

where the bool stands for stop the response, so your Session.Abandon() will never be called. If you want to do Session.Abandon() after your redirect you should call redirect with false:

Response.Redirect(Request.RawUrl, false);

Redirect MSDN

How does the baseclass call the Session_End method from Global.asax?

Between myself and a work colleague we have managed to resolve this question.

The solution is as follows:

Within my application i used a session variable to store the user name.

Once the session timed out then of course the user name session variable would be cleared from memory. This was the trigger i needed to force the application to return to the index page.

Solution

1st step:

//in the base class enter the following code

   protected override void OnLoad(EventArgs e)
    {
        if (Session["username"] == null)
        {
            Response.Redirect("~/SessionTimeout.aspx");
        }
        base.OnLoad(e);
    }

2nd step:

For each aspx code behind file i.e. the aspx.cs file for web form, instead of inheriting from the default (System.web.UI.Page) inherit from the base page:

   public partial class SessionTimeout : BasePage
    {
    }

final step:

set the sessionState attributes

<sessionState mode="InProc" cookieless="false" timeout="30"/>

Session_End in Global.asax.cs not firing using forms authentication

It's not possible to do a redirect in the Session_End method. It's not running as a result of a request, so it doesn't have a Response object and there is no response to redirect anywhere.

It's not possible to do anything in the browser as a result of the session expiring. The HTTP protocol is request oriented, so there is no way to push a message from the server to the browser without the browser asking for it.

The browser just can't find out if the session has expired or not. If you would poll the server to check if the session has expired, it would keep the session alive, defeating the purpose of the timeout.

You can make a redirect after 45 minutes using just client script:

window.setTimeout(function() {
  window.location.href = '/Timeout.aspx';
}, 1000*45*60);

However, this will make the redirect only based on the time since this browser window last contacted the server. If you have more than one browser window for the same session, it's possible that the session has actually not timed out.

---

Related Topics