Session timeout and recreating session

0
0

I’m about using WiseJ to create a multiuser application published on the Internet.
It has a login page where I redirect the users to once Application_SessionTimeout occurs. In this case I exit the app and create a new login form. So far so good.

What I want to prevent is to have multiple active but unused server sessions because of browsers which have the login page displayed but are not (currently) in use.

Therefore I have two solutions in mind:

  1. In case of timeout/application exit instead of creating a new login form (and a new session !) I display a html message stating the page has to be reloaded. In this case I think I don’t have to care about multiple unused sessions.
  2. The way I would prefer – but not sure if this is possible – I display the login form again in the browser but kill the session ! The user should be able to see the form and only when he clicks on “Login” a new session should be (re)created.

Maybe you can tell me if the second option is possible to realize with WiseJ ?

Thank you.

General
Share
  • You must to post comments
Filter
Sort by: Recently Active
1
1

You can kill the session calling Application.Exit. Once the session is killed, the server *only* sends back to the client the information that the session is gone. You can’t have a control without a session. The client cleans up everything and calls Wisej.onExit() on the global Wisej object.

You can assign your code in onExit and decide what to do. To reload the page and create a new session, which will show a new login scree, simply to do this:

https://wisej.com/support/question/how-to-show-a-logout-page-after-application-exit

This is the reference for IWisejCacheProvider.

https://wisej.com/docs/html/T_Wisej_Core_IWisejCacheProvider.htm

It is not related to this functionality. It’s useful only if you want to use a different cache manager. By default Wisej uses HttpRuntime.Cache.

  • You must to post comments
0
0

Thanks for your answer. But I have no idea what I can do with “IWisejCacheProvider”. Is there more documentation about it somewhere? Do you think option 2 would be possible to implement with this?

  • You must to post comments
0
0

When you get the session timeout, the session is *about* to timeout, it hasn’t timeout yet. If you want to “kill” the session use Application.Exit(). It will cause the session to get disposed and removed from the session manager. Or, after the real session timeout (which is the session timeout se in default.json * 2), the session is removed automatically. Session don’t remain in memory more than sessionTimeout * 2.

You can also implement a custom IWisejCacheProvider by implementing Wisej.Core.IWisejCacheProvider and adding the fully qualified class name as an application key in web.config using  “Wisej.CacheProvider” as the key.

  • You must to post comments
Showing 3 results
Your Answer

Please first to submit.