How session expires when user close browser

Posted by SurajRane under ASP.NET on 6/8/2010 | Views : 28754 | Status : [Member] | Replies : 9

Write New Post |

Search Forums | Answered

Resolved Posts |

Un Answered Posts |

Forums Home

Hi,

It was asked me in an interview.

1. if I log In to any webSite. Then i close the browser. I open new browser and enter the same website url. what will happen?

2. if you answer "i will be on login page". then how server comes to know session is expired at client side.

I answered him that, when we close browser auth cookie is deleted. session remain active on server until session timeout is reached.
when we make new request it will check auth cookie and if not found send user to login page.

Hussshh.. he was not satisfied. Do you have better answer.

Reply | Reply with Attachment

Alert Moderator

Responses

Posted by: Vuyiswamb on: 6/8/2010 [Member] [MVP] [Administrator] NotApplicable

0	SurajRane a Session and a cookie are two different cookies. let me explain an interactive behavior that we handle most of the time in our applications. When the user closes the page or logs out. We clear the session variable with something like Session.Abandon(); or you set the session value to null. Now when a user closes the page the global.asa methods gets fired. The method name is Session_End() Thank you for posting at Dotnetfunda [Administrator] SurajRane, if this helps please login to Mark As Answer. \| Alert Moderator

SurajRane

a Session and a cookie are two different cookies. let me explain an interactive behavior that we handle most of the time in our applications. When the user closes the page or logs out. We clear the session variable with something like


        Session.Abandon();

or you set the session value to null.
Now when a user closes the page the global.asa methods gets fired. The method name is

 Session_End()

Thank you for posting at Dotnetfunda
[Administrator]

SurajRane, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: SurajRane on: 6/9/2010 [Member] Starter

0	ya Vuyiswamb but lets say session timeout is 20 mins. I logged in and after 5 mins i close browser without logging off. Now at 7th minute i again open browser and entered the same url. See here my session is still active on server as (just 7 mins passed and timeout is 20 mins) but still it redirects me to login page. one of my team mate told me that it is checking auth cookie which has session id in it. server pick up this session id and look up for the session with that id;if found you are authenticated else redirected to login page. verify my understanding :) SurajRane, if this helps please login to Mark As Answer. \| Alert Moderator

ya Vuyiswamb

but lets say session timeout is 20 mins. I logged in and after 5 mins i close browser without logging off.

Now at 7th minute i again open browser and entered the same url.

See here my session is still active on server as (just 7 mins passed and timeout is 20 mins)

but still it redirects me to login page.

one of my team mate told me that it is checking auth cookie which has session id in it. server pick up this session id and look up for the session with that id;if found you are authenticated else redirected to login page.

verify my understanding :)

SurajRane, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Vuyiswamb on: 6/9/2010 [Member] [MVP] [Administrator] NotApplicable

0	SurajRane , if you close the browser you are killing the session. when you login again you will be having a null Session variable. a Cookie its something different from a Session and they are not linked in any way. Thank you for posting at Dotnetfunda [Administrator] SurajRane, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Muhilan on: 6/9/2010 [Member] Starter

0	when ever if you enter the URL , browser request send to server that time new session will be created. suppose if you close the browser without logout or session expired function. the session will be remain in server. but next time the server generate new session id for the next request. That's why you are redirecting to login page before first session expires. SurajRane, if this helps please login to Mark As Answer. \| Alert Moderator

when ever if you enter the URL , browser request send to server that time new session will be created.

suppose if you close the browser without logout or session expired function. the session will be remain in server. but next time the server generate new session id for the next request.

That's why you are redirecting to login page before first session expires.

SurajRane, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Sun.V on: 10/30/2012 [Member] Starter | Points: 25

0	if browser is closed without clicking of log out button. Then how we have expires our session. exaple: if session time out is 20 mins. after 10 mins unfortunetely user closed the browser. then he want to open after 5 mins. it is show ing your previous session is not killed. how we want kill the session if browser is closed without clicking of log out button. please help me any mody SurajRane, if this helps please login to Mark As Answer. \| Alert Moderator

if browser is closed without clicking of log out button. Then how we have expires our session.
exaple: if session time out is 20 mins. after 10 mins unfortunetely user closed the browser. then he want to open after 5 mins. it is show ing your previous session is not killed. how we want kill the session if browser is closed without clicking of log out button. please help me any mody

SurajRane, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Hemanth.Gottipati on: 1/7/2013 [Member] Starter | Points: 25

0	with in the same browser user close the browser impossible to kill the session...for different browsers session kill is possible...i am trying to kill the session when user close the browser for past 3days..but no solution...i think its impossible... SurajRane, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Ankitsrist on: 1/8/2013 [Member] Starter | Points: 25

0	but gmail does not have any session timeout...its session not get expired after any fixd time until user manualy logout....nd when we close window nd suddenly open it again automaticaly redirect to the inbox of that user... SurajRane, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Rajeshk on: 1/8/2013 [Member] Starter | Points: 25

0	Hai Techies, here is the answer The only difference between "Session" and "Application" states is: "The Session state data will be lost automatically whenever the browser is closed. But the Application state data will not be lost even after the browser is closed. It will remain until you stop the web server". Thanks&Regards rajeshkommireddy@gmail.com SurajRane, if this helps please login to Mark As Answer. \| Alert Moderator

Hai Techies,
here is the answer
The only difference between "Session" and "Application" states is: "The Session state data will be lost automatically whenever the browser is closed. But the Application state data will not be lost even after the browser is closed. It will remain until you stop the web server".

Thanks&Regards
rajeshkommireddy@gmail.com

SurajRane, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: perfectchourasia-9163 on: 1/10/2013 [Member] Starter | Points: 25

0	If saved the password then may it reappear again otherwise not. http://sandeep-chourasia.blogspot.in/ ER sandeep chourasia sandeepchrs@yahoo.com (on facebook) http://www.aspnetcodes.com/ SurajRane, if this helps please login to Mark As Answer. \| Alert Moderator

Latest Posts