Setting Cookie Length to Match Session Duration

[jojo11]

I have a customized class, where I write some information into both cookie and session state. When the session expires, in Session_End( ) in global.asax.cs, I write the value of the session state to database.

I want the cookie to expire at the same time as the session expires. But the problem is, the cookie still exists after the session expired.

In my web.config, I set the session expiration to 1 minute:
<sessionState mode="InProc" cookieless="false" timeout="1" />

In the module, when the cookie is created, I didn't specify the expiration time:
response.Cookies[COOKIE_NAME].Value = cookieVal;

So to my understanding, the cookie should expire when the session expires. But it didn't work as my expectation.

Can anyone explain the problem to me?

Thanks!

-------------------------------------------
Ummm, we have a bit of a problem here....

 

[chiph]

Sessions can use cookies, but not the reverse.

It's beause a session is a logical concept that the webserver uses, and a cookie is a physical bit of storage that gets put on the user's PC.

Chip H.


____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first