473,756 Members | 1,861 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Timeouts: session and authentication

Hi,
I need a quick solution to make my application behave correctly when one
of these timeouts occurs. I have some logic in session_start but when
the authentication cookie timeouts the user is redirected to login page
and after successful login the session is not started. I'd like to have
one timeout and when it occurs the user must login and then the new
session is started. TIA.

Regards,
mircu
Nov 18 '05 #1
2 1659
On 7/28/2004 10:43 AM, mircu wrote:
Hi,
I need a quick solution to make my application behave correctly when one
of these timeouts occurs. I have some logic in session_start but when
the authentication cookie timeouts the user is redirected to login page
and after successful login the session is not started. I'd like to have
one timeout and when it occurs the user must login and then the new
session is started. TIA.

Regards,
mircu

You have to watch out for when auth is OK, but session expires. This is
the really tricky situation. To check, just create a Session var of
your own when the session starts:

Session("tester ") = 1

Then always test (on every page) whether that var is equal to 1; if not,
then you know the session is timed out, if needed, log them out of forms
auth and they have to login again.

If auth timeout happens first (or perhaps when they are for some reason
redirected to the login page), just Abandon the session, since it seems
you want to restart it with their login.

Also, if possible, set the timeouts for each to the same values (auth
and session timeouts) to help alleviate the chance of this.....

--
Craig Deelsnyder
Microsoft MVP - ASP/ASP.NET
Nov 18 '05 #2
Craig Deelsnyder wrote:
You have to watch out for when auth is OK, but session expires. This is
the really tricky situation. To check, just create a Session var of
your own when the session starts:

Session("tester ") = 1

Then always test (on every page) whether that var is equal to 1; if not,
then you know the session is timed out, if needed, log them out of forms
auth and they have to login again.
Thank you. I did something similiar already.
If auth timeout happens first (or perhaps when they are for some reason
redirected to the login page), just Abandon the session, since it seems
you want to restart it with their login.


How to detect auth timeout? Check it on Application_Beg inRequest?

After some investigation i've found something strange in the iis logs.
10:21:46 127.0.0.1 GET /app/images/ 403
10:21:46 127.0.0.1 GET /app/images/ 403
10:21:46 127.0.0.1 GET /app/images/ 403
10:21:46 127.0.0.1 POST /app/MainWnd.aspx 302
10:21:46 127.0.0.1
QURRMEJFUUFBQUF VQUFBQUpGZ0FBQU FjQUFBQUhBQUFBR UJJQUFBQVFBQUFB Q1JjQUFBQUpCQUF BQUFrWkFBQUFEUT BCRXdBQUFB
/app/Login.aspx 403

It is after the session or auth timeouts. Why the login page gets status
403? It should be showed correctly and what is the string in the method
part in the logs (it looks like session id).

Regards,
mircu
Nov 18 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
12
43194
How to set session timeout
by: Geigho | last post by:
Setting session timeout in web.config file does not seem to have any effect. Any explanation or suggestion will be appreciated.
ASP.NET
1
1305
Dealing with Session State timeouts
by: Justin Dutoit | last post by:
Hey. What is the best practice for dealing with session state timeouts in a web app? eg Session_OnEnd Sign them out, so they redirect to Login on the next request. Also, for lower security situations, like a home shopping site used from a secure home environment, how long should the session timeout be? Cheers Justin Dutoit
ASP.NET
0
932
forms authentication timeouts and session timeouts
by: Jason | last post by:
What is the best way to set these timeouts? Should both be the same and what will happen if they are different? Thanks Jason
ASP.NET
6
1249
A little help with managing session timeouts
by: Simon Harvey | last post by:
Hi everyone, If anyone can help me with the following I would be very greatful. In order to determine when a session has timed out I have some code in each page that does something like: loadSessionData(); // Populates a variable called sessionState if(sessionState.currentUser != null){
ASP.NET
0
1636
Sharing ASP.NET Session State through different web applications
by: Nabani Silva | last post by:
Hi, hope someone could help I need to share session state (and contents) through differente web applications. I'm trying to get it done by using StateServer session state, below I paste code for web.config. Both applications are on the same server (I don't want to include all applications into one common virtual directory or application)
ASP.NET
2
363
Session timeouts
by: Fraijo | last post by:
how can i disable session timeouts without affecting any program codings?
ASP.NET
2
1300
Q regarding forms authentication and timeouts
by: Mike Hofer | last post by:
Okay, so I finally figured out forms authenticaton, to a degree and I still have one question: If a user walks away from my application, and the cookie expires, and then he comes back, does forms authentication automatically force him back to my logon page? Or does the session just expire? Or does that depend on whether or not the cookie expires before the IIS session? Can someone help me out here?
ASP.NET
1
1690
need two authentication timeouts for internal and external users
by: =?Utf-8?B?VCBSYXkgSHVtcGhyZXk=?= | last post by:
I have an ASP.NET 2.0 web app using forms authentication and an ASP.NET Membership database. Internal users access the app from the intranet, but they are authenticated by the membership module. External users access the app over SSL from the internet and are also authenticated the same way. I would like to have a different authentication timeout value for each. I want 720 minutes for internal users, so they can leave the app open all day...
ASP.NET
4
5326
Forms authentication vs session variable
by: Bjorn Sagbakken | last post by:
In a web-application with login creds (user, pwd), these are checked against a user table on a SQL server. On a positive validation I have saved the userID, name, custno and role-settings in a userobject (custom build class) and added this to the session using as session variable like session For all other pages I have added a small test in the page_load event, basically testing if the session != null, but also checking if the...
ASP.NET
0
9431
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
9255
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
8688
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
0
6514
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
5119
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
5289
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
3780
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
3326
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
3
2647
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us