ASP.NET：Response.Redirect() 是否结束当前会话？

发布于 2024-10-06 13:19:03 字数 900 浏览 2 评论 0原文

我正在尝试修复我的会话超时代码，并且遇到了一个有趣的问题。我已采纳此处和此处假设我在 Session.IsNewSession 时遇到超时为 true 并且会话 cookie 已存在。根据多个帖子，这些都是发生超时的迹象。在用户登录之前，我在主页上进行了所有这些检查（在超时和注销情况下，它们被重定向到此页面）。

所以我们假设这一切都是正确的。当用户在应用程序中单击 LogOut 时，我运行必要的数据库代码来结束会话，然后运行以下命令：

//abandon session
Global.Session.Abandon();

//redirect
Response.Redirect(FormsAuthentication.LoginUrl, false);

当我执行会话超时检查时，我在主页中立即注意到 Session.IsNewSession 为 true ，最终导致认为存在会话超时的逻辑。显然不是；用户只需单击“注销”。通过在全局文件中的 Session_End 中放置一个断点，我可以看到当用户注销时执行 Response.Redirect() 语句后，Session_End 被触发。

所以我想知道这是否应该发生？最初我认为它与 Session.Abandon() 有关，但这似乎并没有导致 Session_End 触发。有什么想法吗？

谢谢。

原文

I'm in the middle of trying to fix my session timeout code, and have run into an interesting problem. I've taken the recommendations here and here to assume I've hit a timeout when Session.IsNewSession is true and a session cookie already exists. According to multiple posts, these are signs that a timeout has occurred. All of these checks I have on my homepage before the user logs in (they're redirected to this page in timeout and logout situations).

So let's assume that's all correct. When the user clicks LogOut in the application, I run my necessary database code to end the session, then I run this:

//abandon session
Global.Session.Abandon();

//redirect
Response.Redirect(FormsAuthentication.LoginUrl, false);

What I noticed immediately in my homepage, when I'm performing the session timeout checks, was that Session.IsNewSession was true, eventually leading to the logic that thinks there's a session timeout. Obviously it wasn't; the user just clicked Log Out. By putting a breakpoint in Session_End in my Global file, I was able to see that Session_End is fired after I do the Response.Redirect() statement when the user logs off.

So I'm wondering if that's supposed to happen? Originally I thought that it had something to do with Session.Abandon(), but that doesn't seem to be causing Session_End to fire. Any ideas?

Thanks.

分享到QQ

分享到微博