Clever Geek Handbook

Ways of clearing session variables will only clear current browser sessions?

The following session cleanup methods are used to log out by clicking

Session.Clear(); 
Session.RemoveAll();
Session.Abandon();

If I open my site in two browsers and exit from one browser. Session variables are not cleared in the second browser. Therefore it is not redirected to the exit.

Will the above methods only clear the current browser session variables? what is an efficient way to delete all browser sessions?

+3


source to share


2 answers


In general, when two browsers connect to your site, two different sessions will be created. The information in each session is independent of everyone else. Therefore, when you delete / clear a session, only the current session will be affected.

To destroy all sessions, let's say you are using InProc mode for session state (there are other modes => https://msdn.microsoft.com/en-us/library/ms178586(v=vs.140).aspx ), you can destroy all sessions by restarting the application pool. a few examples on the MSDN site .

        ServerManager serverManager = new ServerManager();
        ApplicationPoolCollection applicationPoolCollection = serverManager.ApplicationPools;
        foreach (ApplicationPool applicationPool in applicationPoolCollection)
        {
            //...
            applicationPool.Recycle();
            //...
        }
        // CommitChanges to persist the changes to the ApplicationHost.config.
        serverManager.CommitChanges();


P / s: The ServerManager class is in the Microsoft.Web.Administration package . This behavior should not be implemented in a logout event.

There are options for restarting application pools as well

  • Modify web.config file
  • Update the new DLL file
  • Using IIS Manager
+2


source


Hi, if you are using the main page and inside the back page do not use this code



Response.Cache.SetCacheability(HttpCacheability.NoCache);
                Response.Cache.SetExpires(DateTime.UtcNow.AddHours(-1));
                Response.Cache.SetNoStore();
                if (Session["ObjUser"] == null)
                {
                    Response.Redirect("~/UI/Login.aspx", true);
                }
                if (HttpContext.Current.Request.UrlReferrer == null)
                {
                    Response.Redirect("~/UI/Login.aspx", true);
                }
Run codeHide result


so here objuser session is ur current user session. if not using the main page then directly enter this code in ur login, not postback. I checked it to work fine with two browsers.

0


source






More articles:


All Articles