Is the ASP.Net Inproc session timeout reset if the SessionID is accessed?

Question

I read here that an inproc asp.net session resets it's timeout everytime it is accessed (read or write). My question is, if the timeout is also reset if I only read the sessionID?

Example: Session timeout is set to 20 min. After 15 min. of inactivity I load a page and read the Session.SessionID. Will the session still exist after 10 more min.?

And one more question: Does it matter if the page is loaded directly or accesses via AJAX?

Answer 1

It appears to me that you are mixing up two different things: Reading a value from Session state (in code) differs from attaching an instance of SessionState to the current Request.

Unless I am very much mistaken, the timeout is not refreshed whenever you access a Session object (again, in code), rather it is refreshed when a new request is served. This happens because the SessionState item is itself added to the Cache (and expiration policy is set)

So, to answer your question: The timeout will not be reset.

To elaborate on the example you gave: The timeout will be reset on the load of the page, rather than when you read the SessionID in code.

Answer 2

Accessing SessionID doesn't affect session timeout. If you take a peek with Reflector, the SessionID property (implemented in HttpSessionStateContainer) looks like this:

public string SessionID
{
    get
    {
        if (this._id == null)
        {
            this._id = this._stateModule.DelayedGetSessionId();
        }
        return this._id;
    }
}

Which doesn't touch the underlying stored items.

Also, at that level it doesn't matter where the request came from (ajax/normal).