By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
457,911 Members | 1,179 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 457,911 IT Pros & Developers. It's quick & easy.

How to check automatically for "end of session" and force a page redirection?

P: n/a
Hi guys.

Currently I need a javascript (client side) or vbscript(server side)
code to check automatically for session expiration and force the
redirection to a message page or the log-in page. All web site is built
around asp pages.

Thank you very much for your help

Jul 13 '06 #1
Share this Question
Share on Google+
2 Replies


P: n/a

Athenian wrote:
Hi guys.

Currently I need a javascript (client side) or vbscript(server side)
code to check automatically for session expiration and force the
redirection to a message page or the log-in page. All web site is built
around asp pages.
Use either setTimeout or setInterval to send an intermittent
XMLHttpRequest from the client to check with the server to see if the
session is still active at say 1 minute intervals. If the session has
timed-out, redirect.

It may be unreliable.
--
Rob

Jul 13 '06 #2

P: n/a
Athenian wrote:
Hi guys.

Currently I need a javascript (client side) or vbscript(server side)
code to check automatically for session expiration and force the
redirection to a message page or the log-in page. All web site is built
around asp pages.

Thank you very much for your help
Please clarify: do you want them to be taken to a log-in page
immediately when their session expires, or the next time they request a
page and their session has expired?

If it's the former (which is a bad idea - what if they are working on
something when their session expires? They are whisked away to a login
page whether they like it or not? Some action on their end - i.e.
requesting a page - should happen before you do this) then RobG's
suggestion is what you're looking for.

If it's the latter, you should ask in an ASP group. But it will go
something like this (note, this is C# code as I don't use VBScript):

if(Session["key_to_check"] == null)
Response.Redirect("/myloginpage.asp");

If you have authorization code already, I would be surprised if this
code isn't already included. If the user's session is no longer valid,
and they are still able to access protected pages, your site is a
desperately insecure.

Jeremy
Jul 14 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.