tigz Posted November 12, 2003 Posted November 12, 2003 Hi folks! is there anywhere in an asp.net application where references to all the sessions are? like a collection of active sessions? I need to prevent my server from being overloaded by user's not logging out properly and then logging back in. If they do this 5 times in 20 mins (the timeout period for each session) then my server will inevitably crash. So what i proposed but have so far been unable to implement is that the session ID be stored somewhere when a user logs in the first time. when a user attempts to re-login the system can enumerate through a collection of sessions somewhere, find the user's previous existing session, and terminate it before creating a new one for them. So each user only ever has one active session on the server. Any ideas? thanks in advance Quote
tigz Posted November 13, 2003 Author Posted November 13, 2003 someone must have a viewpoint on this? please tell me you thoughts on it Quote
Administrators PlausiblyDamp Posted November 13, 2003 Administrators Posted November 13, 2003 The problem is that http is inherently stateless in opereation, Session variables are maintained by cookies and will normally expire after 20 minutes (web.config can override this) Once the connection between a client browser and server-side session is lost there is no real way to re-associate them. As an aside - how many users are going to be using the system and what type / size of information are you storing in the Session? If this is enough to cause serve crashes it may not be the best solution to the problem. Quote Posting Guidelines FAQ Post Formatting Intellectuals solve problems; geniuses prevent them. -- Albert Einstein
tigz Posted November 13, 2003 Author Posted November 13, 2003 hi, theres not loads of information, but i'd like to make my system as resistant as possible to wasted/unused resources. I was thinking if i stored the session ID with the user's details in the database, then i could atleast close the old session of the user when they re-login, so that memory locations for two session states instanciated by the same user aren't being used, needlessly, concurrently. if microsoft haven't implemented it then thats fair enough. i just thought someone might have had the same thoughts of potential resources wasted for periods of time. Thanks for reply. i appreciate someone else thinking about it Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.