473,417 Members | 1,554 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > urgent : asp .net cookieless session timeout

Join Bytes to post your question to a community of 473,417 software developers and data experts.

URGENT : ASP .NET cookieless session timeout

Hi

I am a little stuck. I have a web app which uses cookieless session
management. I would like to inform a user when their session has
ended but cannot work out how to implement. I thought of placing a
redirect into the Session_End method in the global file but this does
not work.

To my understanding a session will end when it has been idle for the
time specified in the web.config file. The user may still have the
browser open and decide to continue using the site after the session
has ended because they are not aware that the session has actually
ended. I would like to inform them that their session has ended once
they submit their next request and give them a set of options and or
messages.

PLEASE HELP. This is kind of urgent.

Thanks

Tecknickal
Nov 18 '05 #1
4 4890
Nick wrote:
Hi

I am a little stuck. I have a web app which uses cookieless session
management. I would like to inform a user when their session has
ended but cannot work out how to implement. I thought of placing a
redirect into the Session_End method in the global file but this does
not work.

To my understanding a session will end when it has been idle for the
time specified in the web.config file. The user may still have the
browser open and decide to continue using the site after the session
has ended because they are not aware that the session has actually
ended. I would like to inform them that their session has ended once
they submit their next request and give them a set of options and or
messages.

PLEASE HELP. This is kind of urgent.

Thanks

Tecknickal


This seems to be a "frequently asked question".

No, you can't redirect from Session_End, because a redirect needs
a Request to redirect and Session_End is not started by a request.
You can't just "push" a redirect to the browser because you also have
no way to know if that browser is still open, and showing your page.
(The user might have closed his browser or navigated to some other site)

There are two things you can do:
- use a <meta http-equiv=refresh> to redirect the browser to a "you are logged out"
page, after the timeout should have expired.
- on every request, check specific session variables. If they don't exist it's
either a new user or an expired session.

Hans Kesting
Nov 18 '05 #2
Hi Hans

Thanks for the quick reply. When you say :

use a <meta http-equiv=refresh> to redirect
the browser to a "you are logged out" page,
after the timeout should have expired.

How do I go about doing this? How do I know when the timeout should have
expired? Isn't the timeout used to timeout sessions when they have been
idle for the set amount of time?

You also stated :

on every request, check specific session
variables. If they don't exist it's either
a new user or an expired session.

I was thinking of setting the sessionId as a hidden form variable within
every form. Since ASP .NET creates a new session automatically if the
previous session does not exist. That way I can check to see whether
the hidden sessionId on the form is equal to the current sessionId, if
not, it has expired or something similar.

Do you think this is a good idea?

Thanks

Tecknick


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Nov 18 '05 #3
teck nickal wrote:
Hi Hans

Thanks for the quick reply. When you say :

use a <meta http-equiv=refresh> to redirect
the browser to a "you are logged out" page,
after the timeout should have expired.

How do I go about doing this? How do I know when the timeout should
have expired? Isn't the timeout used to timeout sessions when they
have been idle for the set amount of time?

The counter starts when the last (current) page has been sent to the browser.
You know that the server-side timeout is 20 minutes (or whatever you changed it into).
Then you can set the refresh-timeout to the same timespan (or slightly more).
As you don't change that timeout often (I hope), you could hardcode this
into your aspx page.
Note: refresh uses a timeout in seconds.
You also stated :

on every request, check specific session
variables. If they don't exist it's either
a new user or an expired session.

I was thinking of setting the sessionId as a hidden form variable
within every form. Since ASP .NET creates a new session
automatically if the previous session does not exist. That way I can
check to see whether the hidden sessionId on the form is equal to the
current sessionId, if not, it has expired or something similar.

Do you think this is a good idea?

Form variables work only when there is a postback. A click on a link
will not send the form variables (or a viewstate). I was thinking more
along the lines of a "isloggedin" session variable. If that isn't present, then
it's a new session.
I wonder, if you use cookieless sessions, can you read the original session-id
from the querystring?

Hans Kesting
Thanks

Tecknick

Nov 18 '05 #4
Hi Hans
Thanks again for the reply. The meta refresh would be great except if
javascript is disabled then the refresh would not occur. I have decided
to use the Session.isNewSession object.

When the user hits the first page this property should be set to true
indicating that a new session has been created. If they are on the
first page of my site and this is true, that is ok. If they are on a
page other than my first page and this is set to true then I know that
either their session timed out or that they landed on the page first
before starting at my start page. In both cases, I will display a
message to inform them of this a redirect them to the start up page.

Thanks for you help and ideas.

Tecknickal
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Nov 18 '05 #5
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
Cookieless ASP Sessions
by: JJ | last post by:
Hi, I really need to use cookieless ASP sessions with ASP 3 (IIS5) Can I find out the session ID from the first page, then post it or send it with the url to the next page, then at the start...
ASP / Active Server Pages
7
Session Timed Out Issue (URGENT)
by: Thaynann | last post by:
I am developin an application that access a web site, i can get to the first page of the site, but when i POST to get to other pages, it gives me a message (amongst the HTML code) "Session Timed...
C# / C Sharp
3
Session contents lost despite Session.Timeout = 3000; and <sessionState mode="InProc" cookieless="false" timeout="300">
by: Carpe Diem | last post by:
Hello I have an aspx page that loses Session("user") value after a few minutes even after I set <sessionState mode="InProc" cookieless="false" timeout="300"> in web.config and wrote function...
ASP.NET
10
BUG: Response.Redirect causes premature session expiration when using cookieless sessions (.NET 1.1.4322)
by: Anthony Williams | last post by:
Hi gang, This one looks like a bug :o( As you may or may not know, setting session management in web.config to use cookieless sessions causes the ASP.NET runtime to munge a session ID into...
ASP.NET
17
Strange session timeout problem(urgent help needed).
by: jensen bredal | last post by:
Hello, i'm struggling with a somehow badly understood session scenario. I provide acces to my pages based on form authentication using Session cookies. Som of my pages are supposed to be...
ASP.NET
0
HTTPS with cookieless session : Timeout Problems
by: vickeybird | last post by:
Hi, My current application requires me to use HTTPS and Cookieless Sessions. Ive just implemented HHTP Handler to redirect all http request to https as described by Matt Sollars at...
ASP.NET
5
Urgent plz
by: Yoshitha | last post by:
HI i've asp.net aplication and it is working fine in all systems but when i uploaded it into clients server and trying to run the aplication then i'm getting the following error Server...
ASP.NET
0
Session timeout .... please help... very urgent
by: Calvin KD | last post by:
Hi everyone, I need help urgently. I have a C#.Net app which uses cookies for state management. Everything has been going fine until recently we've expanded the app and a few more screens were...
ASP.NET
5
Cannot Extent Session Timeout Without Cookieless Session
by: Mugs321 | last post by:
Hi all, I'm having a problem with extending Session Timeouts... hopin someone can help.. This is the line under my <system.web> tag in my web.config: <sessionState mode="InProc" timeout="45"...
.NET Framework
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
C# / C Sharp

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!