Session.IsNewSession Always True

  • Thread starter Thread starter daokfella
  • Start date Start date
D

daokfella

I have an HttpHandler that is "pinged" via ajax to see if the user's
session has expired. I'm using Session.IsNewSession. However, I get
some weird results. In some testing, it works fine. However, sometimes
it just begins to return True no matter what. While debugging, the
Session was definitely not new (same SessionId).

I read somewhere that the Session_Start needed to be wired up in
Global.asax in order to use Session.IsNewSession reliably. It was
wired up, but no code was written inside the event. I added {string s
= "";} in the Session_Start event, and things started working OK, but
I'm afraid this is one of those "false" tests that I've had in the
past.

Does anybody have an explanation for me why this behavior might be
happening?
 
its a minor defect in your logic.

ajax (via httprequest) pings can not prevent the session timing out, as the
client cookie is not updated. the default (for an expired cookie) is to use
the same session id.

use a hidden image or iframe to do the ping.

-- bruce (sqlwork.com)
 
Thanks Bruce,

But let's say that the purpose of the ajax ping is to simply see if
the session expired or not (and not extend the session). What
javascript can I run to extend the session if the ajax request informs
me that the session is still alive?

Unfortunately, I don't want to keep the session alive indefinitely. I
do want the session to end. I want the ping to tell me if it has
ended. If so, I want to refresh the page (document.location =
document.location) so the user is redirected to the login page (the
page is secured).
 
its a minor defect in your logic.

ajax (via httprequest) pings can not prevent the session timing out, as the
client cookie is not updated. the default (for an expired cookie) is to use
the same session id.

use a hidden image or iframe to do the ping.

-- bruce (sqlwork.com)
Click to expand...

Is that true?
The client cookie does not need to be updated: it has no expiry date.
It's the server-side session that should be "touched". I was under the
impression that an Ajax call *with session enabled* (maybe readonly)
could do that.
Maybe you need to "do" something in the session, even if it is
Session["dummy"] = 0.

Hans Kesting
 
Back
Top