Questions About Session Timeout

J

Joey

I have an asp.net 2.0 app written in C# and VS2005. I sometimes have
issues where users leave a page onscreen and then come back to it a
few hours later and try to continue working. Of course, it doesn't
work then. Currently they will encounter some sort of error message
because the session has timed out.

I need to develop a way to handle this!

Some questions:

1) If I want to set my session to timeout at 30 minutes, what should i
set for session timeout both in IIS config and in the web.config file,
for forms authentication.

2) When I am using my online banking website, my webpage automatically
logs me out after a set amount of time. How do I do that with my code?

Thanks in advance for your help!
 
H

Hans Kesting

I have an asp.net 2.0 app written in C# and VS2005. I sometimes have
issues where users leave a page onscreen and then come back to it a
few hours later and try to continue working. Of course, it doesn't
work then. Currently they will encounter some sort of error message
because the session has timed out.

I need to develop a way to handle this!

Some questions:
Click to expand...
2) When I am using my online banking website, my webpage automatically
logs me out after a set amount of time. How do I do that with my code?

Thanks in advance for your help!
Click to expand...

You can have a javascript timer in your html page, that redirects to some
"session expired" page after the session should have timed out.
Just be careful: the session timeout is in minutes and javascript
works in milliseconds.
It's not possible to wire up some "SessionEnd" event to redirect the
browser anywhere, as that event happens on the server long after the
last request has been served.

Hans Kesting
 
S

Steve

1. I'd set them both to 30 minutes. The IIS config will handle the
session state, and the forms auth will handle the authentication cookie.

2. This is what the auth cookie lifetime is for, which you set in the
forms auth section of the web.config. Once this lifetime expires, the
cookie is deleted (effectively logging you out).


Steve C.
MCSD,MCAD,MCSE,MCP+I,CNE,CNA,CCNA
 
P

Patrice

Or just test Session.IsNewSession on the next round trip.

If the timeout for authentication is lower than the session timeout you
should even have thsi done for use as the authentication module will
redirect anyway the user to the login page...
 
M

mark4asp

I have an asp.net 2.0 app written in C# and VS2005. I sometimes have
issues where users leave a page onscreen and then come back to it a
few hours later and try to continue working. Of course, it doesn't
work then. Currently they will encounter some sort of error message
because the session has timed out.

I need to develop a way to handle this!

Some questions:

1) If I want to set my session to timeout at 30 minutes, what should i
set for session timeout both in IIS config and in the web.config file,
for forms authentication.

2) When I am using my online banking website, my webpage automatically
logs me out after a set amount of time. How do I do that with my code?

Thanks in advance for your help!
Click to expand...

This wigit worked quite nicely for me. It stops the users who have
timed-out from generating exceptions.

http://www.eggheadcafe.com/articles/20051228.asp
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Forms timeout, Session timeout 0
Session Timeout isn't working correctly. 6
Session Timeout 4
ASP.Net Session Timeout? 3
Session timeout in IIS and web.config, which overwrites which? 9
timeout 5
Session Timeout, not working 2
Session TimeOut 3

Members online

Total: 21 (members: 2, guests: 19)
Robots: 589

Forum statistics

Threads
473,769
Messages
2,569,579
Members
45,053
Latest member
BrodieSola

Latest Threads

Top