Last post Mar 04, 2015 11:25 AM by PatriceSc
Mar 03, 2015 05:46 PM|Angelo.net|LINK
I would like your help, the case
is as follows.
On my system, when the user
logs in with
your username and password log, for example the user John, into
your computer at 'X',
I save the user's
computer data, including the session variable:
in the database.
If by any chance, that user
(or another person with
your login details) try to
log into another computer 'Y' with the same
login information of John,
I identify that the same user is
logging in from another machine,
and try to force the
end of the previous session
For example, i get the sessionid that I saved
in my Database:
string session = Convert.ToString(dsSession.Tables["infos"].Rows["session"]);//so when the user John open the system in a another computer('Y'), the the last session (in
the computer 'X') remains open, and I tried
some codes to close it,
since I have the ID,
but nothing worked, I tried the
//I try 'abandon' the 'session' that i get the id from DB with dataset above, so try this:
//but, if in my data base the sessionid saved (of computer X) is "uyeafl0kspp2adflotwqww12", i debug this line code:
Session.Abandon(session), and the session abandoned
is the current session opened (in the computer Y, so the session abandoned is 'zeswasswgf3z62qg96wqafz'), and the session opened of John in computer 'x' remains
I try this too:
// no way work.
May have other
ways of doing this, but
would like to learn the way it
started and ended
this my reasoning.
That is, in short,
if I have the session id
saved, I guess I
just have the ID,
and use as a string to
reference it, and inform this session ID
via code to
remove or abandon this
specifically session ID to
Thanks in advanced.
Mar 04, 2015 02:36 AM|Summer - MSFT|LINK
According to your description, I think you should make a judgement that check whether the session state is open before you log into in Computer Y, if the session state is open, you should close it.
Something about Starting and Ending Session, please refer to the link below.
Regards & Summer
Mar 04, 2015 08:31 AM|Angelo.net|LINK
I think you
did not understand my question.
All you said
I had done: "check whether the session state is open before you log into in Computer Y "
I already do
this, as I say, i can get the value string of each session i desire from my Database, this is not the problem.
is to close this
session from another session,
because the description of the
method "Session.Abandon" says: "cancels the current session"
I'll try to
explain it another way,
suppose I want to create a button that
I select logged in users on my system
(that I already have),
and by activating the button
I choose which session
For example i will get from my database the data of my users, imagine i have 3 fileds in my database (Username,
Username / session / datelog
John / zqwwifafwge19qg12wqafrz / 2015-03-03 10:52:15
Paul / h3onaaf3kssdfkh0yhdkafash / 2015-03-03 10:48:00
Ian / pp2oçsakdfonugsgf8za2asf / 2015-03-03 10:13:05
Admin / asfsdlkasfdwq1mryxr2asc8sl / 2015-03-03 10:03:00
logged in as the Admin user
in computer 'Z'
and I have all the data from the other
logged in users like above
Suppose I want from
my admin system in computer 'z' (which the session
want close John
session that is "zelwisaswge3z53qg12wqozz"
in computer 'Y', so if i put the code 'Session.abandon' in a button method, the session closed is the current of Admin not the John session, even if i do a reference, like: Session.Remove(sessionID);
because session.abandon method just close current sessions, and dont accept any arguments:
in a dropdown, i choose these user john and after click in a button from my admin system try close the session
protected void btnCloseSession_Click(object sender, EventArgs e)
string sessionID = Convert.ToString(dsSession.Tables["infos"].Rows["session"]);
but the visual says: "No overload for method Abadon takes 1 argument"
I want use a method like "Abadon" close close a specific session, (i have all another infos and do everything<
I just need know how to close a specific session that a have value ID. But Abandon just close the current session,
closes the admin
session using abandon method. Which method, codes i must use to close a specific session (all have all data, i just need a code to close a session that i will get from my DB)
Thanks in advanced!
Mar 04, 2015 10:50 AM|mgebhard|LINK
The default session type, InProc, creates is a trusted conversation between a browser and the web server which exists for some time X. The session is identified by a cookie stored on the client's machine when a session is initially populated.
As your experience shows, it is not possible to affect another user's session. That is a good thing!!!
If you want more control over session, then use SQL server to store session state. SQL session will allow an authorized user to delete or manipulate session IDs/records.
Mar 04, 2015 11:08 AM|smirnov|LINK
I think you overcomplicate the problem.
You save SessionID in the database. So, if you need to clean/delete/etc then simply check that value on every request and delete that value from the database when required so that if value is not available then session must be abandoned.
Mar 04, 2015 11:25 AM|PatriceSc|LINK
What is your session provider? With InProc for example you could mark other sessions as "invalid" and check for this when a request is done so that you call Session.Abandon when an attempt to use an old session happens. The point is that you have to use
Session.Abandon from the session you want to close.
If stored in the db you could directly do that in the db (it's a bit unclear if your session is db based or if you just track sessions using the db).