preventing Session ID replay attack

on 16.04.2007 09:02:03 by Anoop

Hello,
I am developing a simple ASP website with a login page. I want to
know how I can change the Session ID after login, and also close the current
Session after the user closes the window or logs out of the website, so
that every time a user logs in to the website, the Session ID will be unique.

Thank you.

Re: preventing Session ID replay attack

on 16.04.2007 10:09:54 by exjxw.hannivoort

anoop wrote on 16 apr 2007 in
microsoft.public.inetserver.asp.general:

> I am developing a Simple ASP Website with a login page. I want to
> know how can I change Session ID after login

You cannot, simply because changing the session.id would end the session per
definition.

> and also Close the
> current Session after User closes the Window or gets logged out of the
> Website.

Use session.abandon if you have to, or empty the
session("login") value if so designed.

... however you cannot reliably trust the closing of window to be reported.
It depends on the browser used, the closing of the computer, or if someone
trips over the mains connection or internet connection.

> So that every time user logs in into the website, Session ID
> will be unique.

The session.id is unique as delivered by the system, better than once in a
lifetime at least.


--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
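A defensive pattern that follows the advice in this thread (empty the session("login") value and call Session.Abandon at logout) while working around the limitation Michal notes in his reply (Abandon does not reset ASPSESSIONID): since classic ASP cannot regenerate its session ID, the login state is bound to a fresh per-login token that is issued at every successful login, stored in the session and in its own cookie, and compared on every protected request. This is an added example, not code from the thread or from Microsoft; the include name auth.asp, the cookie name LoginToken, the redirect target login.asp and the use of Scriptlet.TypeLib to obtain a GUID are assumptions.

```vbscript
<%
' auth.asp (hypothetical include file; added example, not from the thread)
Option Explicit

' Classic ASP keeps the same ASPSESSIONID cookie even after Session.Abandon,
' so the session ID alone cannot prove that "this" login issued the session.
' A per-login token closes that gap: it changes at every login and is
' cleared at every logout, regardless of what the session ID does.

Function NewLoginToken()
    ' Scriptlet.TypeLib returns a GUID; the first 38 characters are "{...}".
    ' Assumption: the component is available on the server.
    Dim tl
    Set tl = Server.CreateObject("Scriptlet.TypeLib")
    NewLoginToken = Left(tl.Guid, 38)
    Set tl = Nothing
End Function

Sub ClearLogin()
    ' Empty the login values, expire the token cookie, then abandon the session
    ' (Evertjan's advice, applied in that order so nothing survives the logout).
    Session("login") = ""
    Session("loginToken") = ""
    Response.Cookies("LoginToken") = ""
    Response.Cookies("LoginToken").Path = "/"
    Response.Cookies("LoginToken").Expires = DateAdd("d", -1, Now())
    Session.Abandon
End Sub

Sub DoLogin(userName)
    ' Call only after the credentials have been verified by your own code.
    ' Anything the pre-login session held is discarded, then the user and a
    ' brand-new token are recorded; the old token (if any) is no longer valid.
    Dim token
    Session("login") = ""
    Session("loginToken") = ""
    token = NewLoginToken()
    Session("login") = userName
    Session("loginToken") = token
    Response.Cookies("LoginToken") = token
    Response.Cookies("LoginToken").Path = "/"
    Response.Cookies("LoginToken").Secure = True   ' assumes the site is served over HTTPS
End Sub

Function IsLoggedIn()
    ' True only when the session holds a user AND the token cookie the browser
    ' sent matches the token issued at this login.
    Dim sessToken, cookieToken
    IsLoggedIn = False
    If Session("login") = "" Then Exit Function
    sessToken = Session("loginToken")
    cookieToken = Request.Cookies("LoginToken")
    If sessToken = "" Or cookieToken = "" Then Exit Function
    If StrComp(sessToken, cookieToken, vbBinaryCompare) = 0 Then IsLoggedIn = True
End Function

Sub RequireLogin()
    ' Place at the top of every protected page. A mismatch is treated as
    ' "not logged in": the session is cleared and the user is sent to login.
    If Not IsLoggedIn() Then
        ClearLogin
        Response.Redirect "login.asp"
    End If
End Sub
%>
```

Usage: the login page calls DoLogin(userName) after its own credential check and then redirects; the logout page calls ClearLogin; every protected page includes auth.asp and calls RequireLogin before emitting output. As Evertjan says, closing the browser window cannot be relied on to reach the server, so the remaining cleanup for abandoned windows is the ordinary Session.Timeout; the token only guarantees that a session left over from an earlier login or from before the login is not accepted as the current one.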

Re: preventing Session ID replay attack

on 17.04.2007 09:28:24 by Michal

To release all used sessions:
session.abandon()
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/iissdk/html/02106ee0-6603-4123-b5c8-eeb92ebbbc31.asp
But this won't reset the session id ... (as far as I know)

On Apr 16, 10:09 am, "Evertjan." wrote:
> anoop wrote on 16 apr 2007 in
> microsoft.public.inetserver.asp.general:
>
> > I am developing a Simple ASP Website with a login page. I want to
> > know how can I change Session ID after login
>
> You cannot, simply because changing the session.id would end the session per
> definition.
>
> > and also Close the
> > current Session after User closes the Window or gets logged out of the
> > Website.
>
> Use session.abandon if you have to, or empty the
> session("login") value if so designed.
>
> ... however you cannot reliably trust the closing of window to be reported.
> It depends on the browser used, the closing of the computer, or if someone
> trips over the mains connection or internet connection.
>
> > So that every time user logs in into the website, Session ID
> > will be unique.
>
> The session.id is unique as delivered by the system, better than once in a
> lifetime at least.
>
> --
> Evertjan.
> The Netherlands.
> (Please change the x'es to dots in my emailaddress)