ASP.NET has this functionality built in. It's called Forms Authentication.
It is easily configured in your web.config file.
When the session times out they'll automatically be taken to the login page
on their next page request.
Here's more information:
http://www.dotnetbips.com/displayarticle.aspx?id=9
--
I hope this helps,
Steve C. Orr, MCSD
http://Steve.Orr.net
"Justin Dutoit" <an**@anon.com> wrote in message
news:eh*************@TK2MSFTNGP12.phx.gbl...
Hey. What is the best practice for dealing with session state timeouts in
a web app? eg Session_OnEnd Sign them out, so they redirect to Login on the
next request.
Also, for lower security situations, like a home shopping site used from a
secure home environment, how long should the session timeout be?
Cheers
Justin Dutoit