Cookie add in the Global.asax warning in application log

Question

In my Global.ASAX file i have the following:

void Session_End(object sender, EventArgs e) 
{
    System.Web.HttpCookie isAccess = new System.Web.HttpCookie("IsAccess");
    isAccess.Expires = DateTime.Now.AddDays(-1);
    isAccess.Value = "";
    System.Web.HttpContext.Current.Response.Cookies.Add(isAccess);
}

So every time this method this is called in the application, the following event is logged in the application log as warning:

Event code: 3005 
Event message: An unhandled exception has occurred. 
Event time: 5/25/2010 12:23:20 PM 
Event time (UTC): 5/25/2010 4:23:20 PM 
Event ID: c515e27a28474eab8d99720c3f5a8e90 
Event sequence: 4148 
Event occurrence: 332 
Event detail code: 0 

Application information: 
    Application domain: /LM/W3SVC/2100509645/Root-1-129192259222289896 
    Trust level: Full 
    Application Virtual Path: / 
    Application Path: <PathRemoved>\www\ 
    Machine name: TIPPER 

Process information: 
    Process ID: 6936 
    Process name: w3wp.exe 
    Account name: NT AUTHORITY\NETWORK SERVICE 

Exception information: 
    Exception type: NullReferenceException 
    Exception message: Object reference not set to an instance of an object. 

Request information: 
    Request URL:  
    Request path:  
    User host address:  
    User:  
    Is authenticated: False 
    Authentication Type:  
    Thread account name: NT AUTHORITY\NETWORK SERVICE 

Thread information: 
    Thread ID: 7 
    Thread account name: NT AUTHORITY\NETWORK SERVICE 
    Is impersonating: False 
    Stack trace:    at ASP.global_asax.Session_End(Object sender, EventArgs e) in <PathRemoved>\Global.asax:line 113

Any idea why this code would cause this error?

Answer 1

Any idea why this code would cause this error?

My guess is that you are accessing the response in a method in which no response exists.

In which method of Global.asax are you calling this code?

Answer 2

It looks like you're trying to modify cookies during the Session_End event. This won't work because the end of a session (Session_End) doesn't correspond to an HTTP request from a user. Instead, it is initiated by ASP.NET 20 minutes (or whatever your session timeout is set to) after the last HTTP request was received from a particular user.

Answer 3

It looks like the Session_End...there's probably no HttpContext, let alone a response.

If you're just trying to clear a cookie at the end of a session, can't you just not set an expire date, and let it clear when the user closes their browser?