how to time out the web asp.net application when not in use for 15 minutes

E

enahar

Hi,

How to timing out the asp.net web application when not in use for 15 minutes
although I am using the code in web.config file as below:

<authentication mode="Forms">
<forms loginUrl="Security/Login.aspx" protection="All" timeout="20" path="/"
/>

</authentication>





Thanks
 
P

PL

20 is not 15 :)

You also need to disable slidingExpiration by setting it to false
and you need to make sure you dont set the cookie as persistant
in your forms login.

Assuming you have the .NET Framwework SDK with docs installed try this link:
ms-help://MS.NETFrameworkSDKv1.1/cpgenref/html/gngrfforms.htm

PL.
 
E

Ekta Agarwal

Hi

If I use the sliding Expiration in the code(web.config) as follows:

<authentication mode="Forms" >

<forms loginUrl="Security/Login.aspx" protection="All" slidingExpiration
="true" timeout="15" path="/" />

</authentication>



I am getting the following error message:


Parser Error Message: Unrecognized attribute 'slidingExpiration'.

Source Error:

Line 31: -->
Line 32: <authentication mode="Forms" >
Line 33: <forms loginUrl="Security/Login.aspx" protection="All"
slidingExpiration ="true" timeout="15" path="/" />
Line 34: </authentication>
Line 35:




How and where do I use the SlidingExpiration attribute.

Thanks
 
E

Ekta Agarwal

Hi,

I am still getting the same error message after looking into the URL you
have sent..

Regards,



Server Error in '/PITSHWebUI' Application.
------------------------------------------------------------------------
--------

Configuration Error
Description: An error occurred during the processing of a configuration
file required to service this request. Please review the specific error
details below and modify your configuration file appropriately.

Parser Error Message: Unrecognized attribute 'slidingExpiration'.

Source Error:


Line 32: <authentication mode="Forms" >
Line 33: <!--<forms loginUrl="Security/Login.aspx" protection="All"
slidingExpiration="false" timeout="15" path="/" />-->
Line 34: <forms name="name" loginUrl="Security/Login.aspx"
protection="All" timeout="15" path="/" slidingExpiration="true">
Line 35: </forms>
Line 36:


Source File: c:\inetpub\wwwroot\PITSHWebUI\web.config Line: 34
 
P

PL

I cannot see anything wrong in your code below but obviously you must have an error in spelling or casing or
something like that.

PL.
 
E

Ekta Agarwal

Hi,

I have checked the spelling, casing .
Still I can't use the slidingExpiration attribute in the Forms tag .I am
getting the same error message
'' Unrecognized attribute 'slidingExpiration' ''
Can anybody help me why?

Thanks
 
E

Ekta Agarwal

Hi,

Is there any other way to timing out the asp.net web application when
not in use for 15 minutes without installing asp.net 1.1

Thanks
 
E

enahar

Actually when session is timeout (20 minutes) it goes to session_end event
in glaobal.asax.cs but i don't know how to transfer from this point to login
page
Can anyone help me !

Regards
 
B

Brock Allen

Session_End fires outside of a Request into your system. So since there's
no request, there's no where to transfer to. When you should do is check
upon the next request to see if your Session data is gone, and if so take
the appropriate actions.

Now, since you've mentioned a login page, why are you using Session state
to track to see if the user's logged in? You should be using Forms authentication,
as this does all the necessary work to redirect the user to a login page
if they're not currently logged in.
 
E

enahar

Actually what i want to convey is
when the session is time out asp.net application goes to session_end event
(the code is shown below)after rumnning the event it stays in the same page
..I want to transfer to sessionTimeOut.aspx page .But beacause Session_End
fires outside of a Request into your system I can't use Response.Redirect.

How do I redirect now?

Regards




protected void Session_End(Object sender, EventArgs e)

{

if (Session["SessionID"] != null)

{

try

{

string LogoutURL="../Public/SessionTimeOut.aspx";

ESMSecurityModule.killSession(Session["SessionID"].ToString());

Session.Clear();

Session.Abandon();


Response.Redirect(LogoutURL);

}

catch

{

}

}

}





How to timing out the asp.net web application when not in use for 15
 
B

Brock Allen

As I suggested before you either need to add a check to every page to do
the redirect or you should be using Forms Authentication to to track the
user. I really think you'll have an easier time adopting Forms authentication.
Here's an article that should get you started:

http://msdn.microsoft.com/library/d...-us/vsent7/html/vxconASPNETAuthentication.asp




Actually what i want to convey is
when the session is time out asp.net application goes to session_end
event
(the code is shown below)after rumnning the event it stays in the
same page
.I want to transfer to sessionTimeOut.aspx page .But beacause
Session_End
fires outside of a Request into your system I can't use
Response.Redirect.
How do I redirect now?

Regards

protected void Session_End(Object sender, EventArgs e)

{

if (Session["SessionID"] != null)

{

try

{

string LogoutURL="../Public/SessionTimeOut.aspx";

ESMSecurityModule.killSession(Session["SessionID"].ToString());

Session.Clear();

Session.Abandon();

Response.Redirect(LogoutURL);

}

catch

{

}

}

}

How to timing out the asp.net web application when not in use for 15
Session_End fires outside of a Request into your system. So since
there's no request, there's no where to transfer to. When you should
do is check upon the next request to see if your Session data is
gone, and if so take the appropriate actions.

Now, since you've mentioned a login page, why are you using Session
state to track to see if the user's logged in? You should be using
Forms authentication, as this does all the necessary work to redirect
the user to a login page if they're not currently logged in.
 
P

Pril

Try:
HttpContext.Current.Request.Response.Redirect

lp, pl

enahar said:
Actually what i want to convey is
when the session is time out asp.net application goes to session_end event
(the code is shown below)after rumnning the event it stays in the same page
.I want to transfer to sessionTimeOut.aspx page .But beacause Session_End
fires outside of a Request into your system I can't use Response.Redirect.

How do I redirect now?

Regards




protected void Session_End(Object sender, EventArgs e)

{

if (Session["SessionID"] != null)

{

try

{

string LogoutURL="../Public/SessionTimeOut.aspx";

ESMSecurityModule.killSession(Session["SessionID"].ToString());

Session.Clear();

Session.Abandon();


Response.Redirect(LogoutURL);

}

catch

{

}

}

}





How to timing out the asp.net web application when not in use for 15


Brock Allen said:
Session_End fires outside of a Request into your system. So since there's
no request, there's no where to transfer to. When you should do is check
upon the next request to see if your Session data is gone, and if so take
the appropriate actions.

Now, since you've mentioned a login page, why are you using Session state
to track to see if the user's logged in? You should be using Forms
authentication, as this does all the necessary work to redirect the user
to a login page if they're not currently logged in.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top