- context
- The System.Web.HttpContext for the current request.
- id
- The HttpSessionState.SessionID for the current request.
- timeout
- The session HttpSessionState.Timeout for the current request.
The SessionStateStoreProviderBase.CreateUninitializedItem(System.Web.HttpContext, string, int) method is used with sessions when the cookieless and regenerateExpiredSessionId attributes are both true. Having the regenerateExpiredSessionId attribute set to true causes the System.Web.SessionState.SessionStateModule object to generate a new HttpSessionState.SessionID value when an expired HttpSessionState.SessionID value is encountered.
The process of generating a new HttpSessionState.SessionID value requires redirecting the browser to a URL that contains the newly generated HttpSessionState.SessionID value. The SessionStateStoreProviderBase.CreateUninitializedItem(System.Web.HttpContext, string, int) method is called during the initial request that contains an expired HttpSessionState.SessionID value. After the System.Web.SessionState.SessionStateModule object acquires a new HttpSessionState.SessionID value to replace the expired value, it calls the SessionStateStoreProviderBase.CreateUninitializedItem(System.Web.HttpContext, string, int) method to add an uninitialized entry to the session-state data store. The browser is then redirected to the URL containing the newly generated HttpSessionState.SessionID value. The existence of the uninitialized entry in the session data store ensures that the redirected request that includes the newly generated HttpSessionState.SessionID value is not mistaken for a request for an expired session and is, instead, treated as a new session.
The uninitialized entry in the session data store is associated with the newly generated HttpSessionState.SessionID value and contains only default values, including an expiration date and time and a value that corresponds to the actionFlags parameter of the SessionStateStoreProviderBase.GetItem(System.Web.HttpContext, string, Boolean@, TimeSpan@, Object@, SessionStateActions@) and SessionStateStoreProviderBase.GetItemExclusive(System.Web.HttpContext, string, Boolean@, TimeSpan@, Object@, SessionStateActions@) methods. The uninitialized entry in the session-state store should include an actionFlags value equal to the SessionStateActions.InitializeItem enumeration value. This value is passed to the System.Web.SessionState.SessionStateModule object by the SessionStateStoreProviderBase.GetItem(System.Web.HttpContext, string, Boolean@, TimeSpan@, Object@, SessionStateActions@) and SessionStateStoreProviderBase.GetItemExclusive(System.Web.HttpContext, string, Boolean@, TimeSpan@, Object@, SessionStateActions@) methods, and informs the System.Web.SessionState.SessionStateModule object that the current session is a new but uninitialized session. The System.Web.SessionState.SessionStateModule object will then initialize the new session and raise the Session_OnStart event.
For more information about cookieless sessions, see the HttpSessionState.IsCookieless property.