Logg off users with session.timeout

Here's what we do; if the session has expired or doesn't exist we
redirect to a "timed out" page. The timeout page contains only a
couple lines of javascript to pop up a box alerting the user that they
have timed out then redirects them back to the login page. We check
the session on every page to make sure it still exists.

in each page:
--------------------
If Session("User") Is Nothing Then
Response.Redirect("../TimedOut.aspx")
End If
timeout page:
--------------------
function window_onload()
{
alert('Your session has timed out. Please log back on.');
top.location.href = 'default.aspx';
}
I'd also like to hear what other people are using to see if we could
change our method to something better - or if this is the norm.

Thanks!
Michelle

Thanks Michelle for your answer but what I need is logging off certain users
when their sessions have not ended yet. Imagine that I'm an administrator and
want to expell some unwanted users from the applikation from a button click.
Is there any way maybe to use formsauthentication.signout() method? The
problem is how to identify first these users?
/Viktor

"Michelle" wrote:

Here's what we do; if the session has expired or doesn't exist we
redirect to a "timed out" page. The timeout page contains only a
couple lines of javascript to pop up a box alerting the user that they
have timed out then redirects them back to the login page. We check
the session on every page to make sure it still exists.

in each page:
--------------------
If Session("User") Is Nothing Then
Response.Redirect("../TimedOut.aspx")
End If
timeout page:
--------------------
function window_onload()
{
alert('Your session has timed out. Please log back on.');
top.location.href = 'default.aspx';
}
I'd also like to hear what other people are using to see if we could
change our method to something better - or if this is the norm.

Thanks!
Michelle

i believe it is the norm

--
Regards
Alvin Bruney
[Shameless Author Plug]
The Microsoft Office Web Components Black Book with .NET
available at www.lulu.com/owc
--------------------------------------------------
"viktor9990" <vi********@discussions.microsoft.com> wrote in message
news:B6**********************************@microsof t.com...

Thanks Michelle for your answer but what I need is logging off certain
users
when their sessions have not ended yet. Imagine that I'm an administrator
and
want to expell some unwanted users from the applikation from a button
click.
Is there any way maybe to use formsauthentication.signout() method? The
problem is how to identify first these users?
/Viktor

"Michelle" wrote:

Here's what we do; if the session has expired or doesn't exist we
redirect to a "timed out" page. The timeout page contains only a
couple lines of javascript to pop up a box alerting the user that they
have timed out then redirects them back to the login page. We check
the session on every page to make sure it still exists.

in each page:
--------------------
If Session("User") Is Nothing Then
Response.Redirect("../TimedOut.aspx")
End If
timeout page:
--------------------
function window_onload()
{
alert('Your session has timed out. Please log back on.');
top.location.href = 'default.aspx';
}
I'd also like to hear what other people are using to see if we could
change our method to something better - or if this is the norm.

Thanks!
Michelle

But how to use formsauthentication.signout() method to logg off all logged on
users at the same time from the application? Do I need to make any change in
web.config too?
/Viktor

"Alvin Bruney [Microsoft MVP]" wrote:

i believe it is the norm

--
Regards
Alvin Bruney
[Shameless Author Plug]
The Microsoft Office Web Components Black Book with .NET
available at www.lulu.com/owc
--------------------------------------------------
"viktor9990" <vi********@discussions.microsoft.com> wrote in message
news:B6**********************************@microsof t.com...

Thanks Michelle for your answer but what I need is logging off certain
users
when their sessions have not ended yet. Imagine that I'm an administrator
and
want to expell some unwanted users from the applikation from a button
click.
Is there any way maybe to use formsauthentication.signout() method? The
problem is how to identify first these users?
/Viktor

"Michelle" wrote:

Here's what we do; if the session has expired or doesn't exist we
redirect to a "timed out" page. The timeout page contains only a
couple lines of javascript to pop up a box alerting the user that they
have timed out then redirects them back to the login page. We check
the session on every page to make sure it still exists.

in each page:
--------------------
If Session("User") Is Nothing Then
Response.Redirect("../TimedOut.aspx")
End If
timeout page:
--------------------
function window_onload()
{
alert('Your session has timed out. Please log back on.');
top.location.href = 'default.aspx';
}
I'd also like to hear what other people are using to see if we could
change our method to something better - or if this is the norm.

Thanks!
Michelle

Put a button on a form, map its click event to a function that calls the
signout method. each user who chooses to log out follows the process.

--
Regards
Alvin Bruney
[Shameless Author Plug]
The Microsoft Office Web Components Black Book with .NET
available at www.lulu.com/owc
--------------------------------------------------
"viktor9990" <vi********@discussions.microsoft.com> wrote in message
news:DC**********************************@microsof t.com...

But how to use formsauthentication.signout() method to logg off all logged
on
users at the same time from the application? Do I need to make any change
in
web.config too?
/Viktor

"Alvin Bruney [Microsoft MVP]" wrote:

i believe it is the norm

--
Regards
Alvin Bruney
[Shameless Author Plug]
The Microsoft Office Web Components Black Book with .NET
available at www.lulu.com/owc
--------------------------------------------------
"viktor9990" <vi********@discussions.microsoft.com> wrote in message
news:B6**********************************@microsof t.com...

> Thanks Michelle for your answer but what I need is logging off certain
> users
> when their sessions have not ended yet. Imagine that I'm an
> administrator
> and
> want to expell some unwanted users from the applikation from a button
> click.
> Is there any way maybe to use formsauthentication.signout() method? The
> problem is how to identify first these users?
> /Viktor
>
> "Michelle" wrote:
>
>> Here's what we do; if the session has expired or doesn't exist we
>> redirect to a "timed out" page. The timeout page contains only a
>> couple lines of javascript to pop up a box alerting the user that they
>> have timed out then redirects them back to the login page. We check
>> the session on every page to make sure it still exists.
>>
>> in each page:
>> --------------------
>> If Session("User") Is Nothing Then
>> Response.Redirect("../TimedOut.aspx")
>> End If
>>
>>
>> timeout page:
>> --------------------
>> function window_onload()
>> {
>> alert('Your session has timed out. Please log back on.');
>> top.location.href = 'default.aspx';
>> }
>>
>>
>> I'd also like to hear what other people are using to see if we could
>> change our method to something better - or if this is the norm.
>>
>> Thanks!
>> Michelle
>>
>>

I don't know if you understood what I meant. What I need is from a button
click be able to logg off all users at the same time from the system (it is
me who will do that and not them one at a time)?
/Viktor

"Alvin Bruney [Microsoft MVP]" wrote:

Put a button on a form, map its click event to a function that calls the
signout method. each user who chooses to log out follows the process.

--
Regards
Alvin Bruney
[Shameless Author Plug]
The Microsoft Office Web Components Black Book with .NET
available at www.lulu.com/owc
--------------------------------------------------
"viktor9990" <vi********@discussions.microsoft.com> wrote in message
news:DC**********************************@microsof t.com...

But how to use formsauthentication.signout() method to logg off all logged
on
users at the same time from the application? Do I need to make any change
in
web.config too?
/Viktor

"Alvin Bruney [Microsoft MVP]" wrote:

i believe it is the norm

--
Regards
Alvin Bruney
[Shameless Author Plug]
The Microsoft Office Web Components Black Book with .NET
available at www.lulu.com/owc
--------------------------------------------------
"viktor9990" <vi********@discussions.microsoft.com> wrote in message
news:B6**********************************@microsof t.com...
> Thanks Michelle for your answer but what I need is logging off certain
> users
> when their sessions have not ended yet. Imagine that I'm an
> administrator
> and
> want to expell some unwanted users from the applikation from a button
> click.
> Is there any way maybe to use formsauthentication.signout() method? The
> problem is how to identify first these users?
> /Viktor
>
> "Michelle" wrote:
>
>> Here's what we do; if the session has expired or doesn't exist we
>> redirect to a "timed out" page. The timeout page contains only a
>> couple lines of javascript to pop up a box alerting the user that they
>> have timed out then redirects them back to the login page. We check
>> the session on every page to make sure it still exists.
>>
>> in each page:
>> --------------------
>> If Session("User") Is Nothing Then
>> Response.Redirect("../TimedOut.aspx")
>> End If
>>
>>
>> timeout page:
>> --------------------
>> function window_onload()
>> {
>> alert('Your session has timed out. Please log back on.');
>> top.location.href = 'default.aspx';
>> }
>>
>>
>> I'd also like to hear what other people are using to see if we could
>> change our method to something better - or if this is the norm.
>>
>> Thanks!
>> Michelle
>>
>>

viktor9990,
I guess u can only control how long they can stay on the site and what
they can do.But logging them all out at the same time?????


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

You have to use a bit of sideways thinking
to get around that type of logic.

If you think that logging everyone off is the problem,
you will not be able to do it from within code.

OTOH, if you know that all it takes to log everybody off
is to restart the application, there's a simple solution :

Write a little app to "touch" ( save ) global.asax.

That will restart the application
and everybody will be logged off.

Juan T. Llibre
ASP.NET MVP
http://asp.net.do/foros/
Foros de ASP.NET en Español
=====================

"Patrick Olurotimi Ige" <ig*@iprimus.com.au> wrote in message
news:e%****************@TK2MSFTNGP09.phx.gbl...

viktor9990,
I guess u can only control how long they can stay on the site and what
they can do.But logging them all out at the same time?????

I like your idea. I put the code in a header user control rather than
typing the code into every page and it works like a dream.

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!