tags:

views:

358

answers:

2
Q: 

Accessing Session in background service using HttpModule

I am trying to create a background service in asp.net which checks for session timeouts and redirects the user to a timeout page ( not the login page ). My code is like this

public class SessionTimeoutModule : IHttpModule
{
    private static Timer timer;
    //Test value
    private const int interval = 1000 * 1 * 10;

    public void Init( HttpApplication application )
    {
        if ( timer == null )
        {
            timer = new Timer( new TimerCallback( CheckSessionTimeout ),
                         application.Context, 0, interval );
        }
    }

    private void CheckSessionTimeout( object sender )
    {
        HttpContext ctx = (HttpContext)sender;

        if ( ctx.Session != null && ctx.Session.IsNewSession )
        {
            var cookie = ctx.Request.Headers["Cookie"];
            if ( cookie != null )
            {
                if ( cookie.ToUpper().IndexOf( "ASP.NET_SESSIONID" ) >= 0 )
                {
                    ctx.Response.Redirect( "" );
                }
            }
        }
    }

    public void Dispose()
    {
        timer = null;
    }
}

The problem here is that i am not able to get the session value in the CheckSessionTimeout method. It is always null. How can get the Session here.

I have looked at this solution but it doesnt help.

A: 

I think there is a logical mistake here, even if you fix your code, you will never get an ended session.

if you can access to a session, it will have a sessionID. You can not get a session which ended by timeout by this way.

Maybe you should use global.asax's session_end. but I'm not sure it will help.

Also in here you can see, SessionID is not replaced until Session.Abandon.

Canavar  2009-02-24 16:17:18
From what i have observed, when the session ends the IsNewSession property is set to true , thats the reason I have added the ctx.Session.IsNewSession check so that i can validate against it. Even with that, i think what csgero says is true. Anyways thanks for your reply
Vinay  2009-02-26 06:38:03
+1  A: 

I'm afraid you are on the wrong track here. You cannot implement a background service an using an HttpModule like this. The HttpContext you are passing around is bound to an HTTP request, and I'm quite sure you should not keep it around like you're trying to do. Also even if you could detect the session time-out, there would be no way to redirect the user to a new page without an active request.
You might find this thread helpful.

csgero  2009-02-24 16:21:36

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps