473,898 Members | 2,636 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Static Page Methods and Session Timeout's

Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most of
the application we manage session timeouts without the user knowing anything
about it by ensuring all the essential objects ( only a few ) are in place
during session start.

For performance, there are some parts of the application which use static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does an
asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should retry
as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session in
some way to prevent the failure message being sent back to the client. ?

2.) If not possible, what is suggested as the best pattern to adpopt in this
scenario.

Thanks
Nov 18 '08 #1
7 7866
async postbacks will not keep session alive unless you are using
cookieless sessions. if you are using cookie based sessions (the
default), then the timeout is in the cookie. ajax calls can not update
this cookie in the browser. as the session timeout logic requires
sending a new cookie and getting back on redirect, the ajax calls fail
to do this.

you could switch to sessionless for ajax calls (good performance idea)
or go to cookieless sessions

if you can handle session loss on a page requests, but not ajax, you
could turn off auto redirect logic in XmlHttpRequest, and handle the
cookie logic in javascript. you would to modify the ms ajx library code
to do this.

-- bruce (sqlwork.com)

Microsoft Newsserver wrote:
Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most of
the application we manage session timeouts without the user knowing anything
about it by ensuring all the essential objects ( only a few ) are in place
during session start.

For performance, there are some parts of the application which use static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does an
asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should retry
as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session in
some way to prevent the failure message being sent back to the client. ?

2.) If not possible, what is suggested as the best pattern to adpopt in this
scenario.

Thanks

Nov 18 '08 #2
We are not using cookiless sessions, although the sessions are not being
kept alive when an asynchronouse call from the ajax framework associated
with various panels is issued, the page cycle happens and the new session is
started. This is why my dummy button will create a new session invisibly to
the user ( apart from the ajax progress indicator ).

In my scenario, because I am also calling page methods which dont have
anything to do with the page requests, this simply fails. The challenge is
how to make this invisible.

Although I havent tried this thinking about it, I assume that the code never
gets called at all when the session has timed out and the failure results so
I would have to do one of the following things.

1.) Prejudge if the session has expired then establish it with a page
request using an async postback, after which I then issue my ajax request to
the static methods.

Or.

2.) Hold the parameters of the last call, make the page request and re-issue
the request.
Akward really.


"bruce barker" <no****@nospam. comwrote in message
news:ed******** ******@TK2MSFTN GP04.phx.gbl...
async postbacks will not keep session alive unless you are using
cookieless sessions. if you are using cookie based sessions (the default),
then the timeout is in the cookie. ajax calls can not update this cookie
in the browser. as the session timeout logic requires sending a new cookie
and getting back on redirect, the ajax calls fail to do this.

you could switch to sessionless for ajax calls (good performance idea) or
go to cookieless sessions

if you can handle session loss on a page requests, but not ajax, you could
turn off auto redirect logic in XmlHttpRequest, and handle the cookie
logic in javascript. you would to modify the ms ajx library code to do
this.

-- bruce (sqlwork.com)

Microsoft Newsserver wrote:
>Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most of
the application we manage session timeouts without the user knowing
anything about it by ensuring all the essential objects ( only a few )
are in place during session start.

For performance, there are some parts of the application which use static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does
an asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should
retry as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session
in some way to prevent the failure message being sent back to the client.
?

2.) If not possible, what is suggested as the best pattern to adpopt in
this scenario.

Thanks

Nov 18 '08 #3
when session times either on the server, or because the cookie expired and is
not passed, then the session logic creates a new session, creates a cookie,
and sends redirects back to itself. in the normal case the browser will send
back the new cookie, the session is loaded, and the page request is
processed. with an ajax call, the redirect is honored but the cookie is not
send. the session logic then knows that the browser is not honoring the
cookie, and thows an error, as there is no way to honor the session request.

if you don't need session to process the ajax calls (always a good design),
switch to ajax (json) webservices instead of page methods and disable session
on the webservices.
-- bruce (sqlwork.com)
"Microsoft Newsserver" wrote:
We are not using cookiless sessions, although the sessions are not being
kept alive when an asynchronouse call from the ajax framework associated
with various panels is issued, the page cycle happens and the new session is
started. This is why my dummy button will create a new session invisibly to
the user ( apart from the ajax progress indicator ).

In my scenario, because I am also calling page methods which dont have
anything to do with the page requests, this simply fails. The challenge is
how to make this invisible.

Although I havent tried this thinking about it, I assume that the code never
gets called at all when the session has timed out and the failure results so
I would have to do one of the following things.

1.) Prejudge if the session has expired then establish it with a page
request using an async postback, after which I then issue my ajax request to
the static methods.

Or.

2.) Hold the parameters of the last call, make the page request and re-issue
the request.
Akward really.


"bruce barker" <no****@nospam. comwrote in message
news:ed******** ******@TK2MSFTN GP04.phx.gbl...
async postbacks will not keep session alive unless you are using
cookieless sessions. if you are using cookie based sessions (the default),
then the timeout is in the cookie. ajax calls can not update this cookie
in the browser. as the session timeout logic requires sending a new cookie
and getting back on redirect, the ajax calls fail to do this.

you could switch to sessionless for ajax calls (good performance idea) or
go to cookieless sessions

if you can handle session loss on a page requests, but not ajax, you could
turn off auto redirect logic in XmlHttpRequest, and handle the cookie
logic in javascript. you would to modify the ms ajx library code to do
this.

-- bruce (sqlwork.com)

Microsoft Newsserver wrote:
Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most of
the application we manage session timeouts without the user knowing
anything about it by ensuring all the essential objects ( only a few )
are in place during session start.

For performance, there are some parts of the application which use static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does
an asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should
retry as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session
in some way to prevent the failure message being sent back to the client.
?

2.) If not possible, what is suggested as the best pattern to adpopt in
this scenario.

Thanks


Nov 18 '08 #4
You can add EnableSession = true to your WebMethods. to keep Session alive.

[System.Web.Serv ices.WebMethod( EnableSession = true)]
public static object Fetch()
{
.....
}

Or if you want you can use following technique
http://www.codeproject.com/KB/aspnet...onForever.aspx
George.
"Microsoft Newsserver" <me@nowhere.com wrote in message
news:Oe******** ******@TK2MSFTN GP05.phx.gbl...
Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most of
the application we manage session timeouts without the user knowing
anything about it by ensuring all the essential objects ( only a few )
are in place during session start.

For performance, there are some parts of the application which use static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does an
asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should retry
as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session in
some way to prevent the failure message being sent back to the client. ?

2.) If not possible, what is suggested as the best pattern to adpopt in
this scenario.

Thanks
Nov 18 '08 #5
while the second method will work, the first will not unless you are using
cookieless sessions.

-- bruce (sqlwork.com)
"George" wrote:
You can add EnableSession = true to your WebMethods. to keep Session alive.

[System.Web.Serv ices.WebMethod( EnableSession = true)]
public static object Fetch()
{
.....
}

Or if you want you can use following technique
http://www.codeproject.com/KB/aspnet...onForever.aspx
George.
"Microsoft Newsserver" <me@nowhere.com wrote in message
news:Oe******** ******@TK2MSFTN GP05.phx.gbl...
Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most of
the application we manage session timeouts without the user knowing
anything about it by ensuring all the essential objects ( only a few )
are in place during session start.

For performance, there are some parts of the application which use static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does an
asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should retry
as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session in
some way to prevent the failure message being sent back to the client. ?

2.) If not possible, what is suggested as the best pattern to adpopt in
this scenario.

Thanks

Nov 18 '08 #6
Not sure what do you mean...
Are you saying that 20 minutes expiration will not be reset for Session if
the browser hit WebMethod with EnabledSession = true?
George.
"bruce barker" <br*********@di scussions.micro soft.comwrote in message
news:E4******** *************** ***********@mic rosoft.com...
while the second method will work, the first will not unless you are using
cookieless sessions.

-- bruce (sqlwork.com)
"George" wrote:
>You can add EnableSession = true to your WebMethods. to keep Session
alive.

[System.Web.Serv ices.WebMethod( EnableSession = true)]
public static object Fetch()
{
.....
}

Or if you want you can use following technique
http://www.codeproject.com/KB/aspnet...onForever.aspx
George.
"Microsoft Newsserver" <me@nowhere.com wrote in message
news:Oe******* *******@TK2MSFT NGP05.phx.gbl.. .
Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most
of
the application we manage session timeouts without the user knowing
anything about it by ensuring all the essential objects ( only a few )
are in place during session start.

For performance, there are some parts of the application which use
static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times
out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does
an
asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should
retry
as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session
in
some way to prevent the failure message being sent back to the client.
?

2.) If not possible, what is suggested as the best pattern to adpopt in
this scenario.

Thanks

Nov 19 '08 #7
Ahhh....

OK. Thats good. I am not using cookiless sessions. So at least I know that
this will keep the session going. It wont help if it expires though ( or
will it ? )

Ill try


"bruce barker" <br*********@di scussions.micro soft.comwrote in message
news:E4******** *************** ***********@mic rosoft.com...
while the second method will work, the first will not unless you are using
cookieless sessions.

-- bruce (sqlwork.com)
"George" wrote:
>You can add EnableSession = true to your WebMethods. to keep Session
alive.

[System.Web.Serv ices.WebMethod( EnableSession = true)]
public static object Fetch()
{
.....
}

Or if you want you can use following technique
http://www.codeproject.com/KB/aspnet...onForever.aspx
George.
"Microsoft Newsserver" <me@nowhere.com wrote in message
news:Oe******* *******@TK2MSFT NGP05.phx.gbl.. .
Hi Folks.

I have an issue I need some help with if thats OK.

I am running Framework 2.0 using Windows Integrated Security. For most
of
the application we manage session timeouts without the user knowing
anything about it by ensuring all the essential objects ( only a few )
are in place during session start.

For performance, there are some parts of the application which use
static
page web methods to return xml to the page generally for popups which
require rapid response. This works very well untill the session times
out
and the failure method is used on the callback.

Now, my quick fix for this was to set up an invisible button which does
an
asynchronous postback that has no effect other than to reestablish the
session and pops up an alert to the user indication that they should
retry
as the session has timed out. So my questions regarding this are.

1.) Can I intercept the server side process and reestablish the session
in
some way to prevent the failure message being sent back to the client.
?

2.) If not possible, what is suggested as the best pattern to adpopt in
this scenario.

Thanks


Nov 19 '08 #8

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
7965
by: cb | last post by:
When a Session timeout occurs, I get a 403 - Forbidden. The address bar contains the path that I was intending to go to but couldn't because of the timeout. How can I redirect the page when a Session.Timeout occurs? TIA, Chris
0
1102
by: Chakra Venkatesan | last post by:
Hi, My application has a session timeout of 15 mins. I have a page for which I have disabled the session state. If I invoke the this page from a new browser session, there is no session created on the server as expected. But if I invoke this page from an active session, this page extends the session expiration by the timeout minutes. I am expecting this page not to have any effect as to when the current session timeouts. I don't...
2
2301
by: francois | last post by:
Hi, I would like to redirect the user to the login page after the session time out. I tried to do a trick in the global.aspx.cs protected void Application_BeginRequest(Object sender, EventArgs e) {
2
463
by: Eilsa | last post by:
Dear all, My ASP.NET page always session timeout within 20 minutes. However, I've set the following statement at the web.config <sessionState timeout="400" /> Any alternative solution to extend the timeout period? Thanks Best Regards,
8
7319
by: Joe Abou Jaoude | last post by:
hi, I have a web app with forms authentication and a timeout session of 20 mins for security reasons. I recently added a feature that allows users (if they want to) to automatically log in (without entering username and password) using the cookies. Now in this case the 20 mins session timeout has no meaning anymore so I m thinking to make the timeout infinite in this case only. my question is, if i do this, and then a user used the...
8
5504
by: bdeviled | last post by:
I am deploying to a web environment that uses load balancing and to insure that sessions persist across servers, the environment uses SQL to manage sessions. The machine.config file determines how all applications will use sessions and to insure that all application use this method, the session properties cannot be overriden. Within the sessionstate tags, the webadmin (upon my request)r emoved the property for timeout, hoping that...
1
2430
by: PipScouser | last post by:
Hi, Most times, but not always, after my session times out (default 20 mins) if a user clicks on any control that necessitates a code-behind call, I get the 'Cannot find Server or DNS Error' white page. This also infrequently happens within the 20 minute timeout period. This isn't happening because anyone is recompiling the code and, therefore, restarting the worker process becuase the \bin folder has changed. I'm using .NET...
6
1597
by: Maspr | last post by:
I am trying to build a mixed site of ASP and ASP.NET. I am having trouble keeping the ASP session from timing out when using just the ASP.NET pages. The ASP.NET pages has a Master Page with an iFrame that loads an ASP page, however this is not keeping ASP from timing out. Does anyone know how to work around this?
4
7188
by: goscottie | last post by:
I used submodal as my popup window. With some tweaks, it working great in my app. However, I can't find a way to detect session timeout in the popup window. The app is a form based authentication so the default.aspx page will show up in the popup. So I'm looking into several options. 1. detect session timeout in javascript so that I prevent the popup from even happening. I can simply redirect or post to itself so that the calling...
0
9993
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
9840
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
11259
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
10483
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
1
8035
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
7187
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
5880
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
2
4295
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
3305
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.