Question about handling application close events

  • Thread starter Thread starter Pierke
  • Start date Start date
P

Pierke

Hey guys out there,

I really need your help, i am building up a web site, so
for security reasons i need to do "some things" before the
user log off, and i indeed do it. Now the matter is that
any user can also CLOSE the page without logging off, and
by then i would need to be able to so "some things" (such
as save his log off time) and i need to do it before the
application get close, i have tried a hundred times to put
some code on the Global.asax file in the procedure
application_end or session_end, but it is like it never
passes through this peace of code. So, can you tell me
where to put the code i want to execute in the very moment
in which the application start closing? Thanks in
advantage,

Pierke
 
Pierke,

The Session_End handler is the appropriate place to handle this sort of
action. However, this handler is only called when you a) explicitly close the
session in your code (e.g. in response to a user "log out" action which you
define), or b) when the session times out.

Note that if the client browser is simply closed without giving you the
opportunity to programmatically close the session, your Session_End handler
will not fire until the session times out. This is probably why you are not
seeing this event fire.

The timeout for the session can be modified in the web.config <sessionState>
tag timeout attribute (which is given in minutes), eg:

<configuration>
<system.web>
<sessionState mode="InProc" timeout="20" />
</system.web>
</configuration>

However it is not recommended to set this timeout too small (except when
testing your session end handler, where you could set it down to just 1
minute so you dont have to wait too long for it to fire when debugging) as
the session may start timing out whilst the user is still reading / working
on a single page.

Hope this helps,
Chris.
 
As a suggested work-around for the logoff time question, how about
maintaining a "last user action" field instead? This could be used to
effectively monitor the last time the user interacted with the
application, either clicking a button, updating a field, or even
logging off.

I know it is not what you were asking, but it might reduce your
problems to remove one aspect.
 
Chris,

Thanks a lot for what you told me. It was of great help, i indeed didn't
know the handler session_end was invoked when the session times out,
once the client has simply closed the browser without logging off. I
thought there was no way to access this handler in this case. I am
ashamed for being so ignorant, but i must admit i am kind of novice to
all this dotNet technology. You might even not believe me that it was
just two weeks ago when i first ran Visual Studio.net.
Now i can save the log off time of the user, although some minutes later
than he does, in case he doesn't log off properly of course. So once
more thanks you so much and good luck!!!


Pierke
 
Marc,


Thanks anyway, you are right this is not what i was asking but what you
suggest me is a very good idea as well. Trust me i would take in
serously into accound, since i am rather interested in the last time the
client interacted with the page than the time he logges off. At the
moment, i am making a decission upon whether to register the client log
off time OR the client last action time.
Well, have a nice day and thank for your help,


Pierke
 
Back
Top