Questions About Session Timeout

Discussion in 'ASP .Net' started by Joey, Aug 30, 2007.

  1. Joey

    Joey Guest

    I have an asp.net 2.0 app written in C# and VS2005. I sometimes have
    issues where users leave a page onscreen and then come back to it a
    few hours later and try to continue working. Of course, it doesn't
    work then. Currently they will encounter some sort of error message
    because the session has timed out.

    I need to develop a way to handle this!

    Some questions:

    1) If I want to set my session to timeout at 30 minutes, what should i
    set for session timeout both in IIS config and in the web.config file,
    for forms authentication.

    2) When I am using my online banking website, my webpage automatically
    logs me out after a set amount of time. How do I do that with my code?

    Thanks in advance for your help!
    Joey, Aug 30, 2007
    #1
    1. Advertising

  2. Joey

    Hans Kesting Guest

    > I have an asp.net 2.0 app written in C# and VS2005. I sometimes have
    > issues where users leave a page onscreen and then come back to it a
    > few hours later and try to continue working. Of course, it doesn't
    > work then. Currently they will encounter some sort of error message
    > because the session has timed out.
    >
    > I need to develop a way to handle this!
    >
    > Some questions:
    >


    > 2) When I am using my online banking website, my webpage automatically
    > logs me out after a set amount of time. How do I do that with my code?
    >
    > Thanks in advance for your help!
    >


    You can have a javascript timer in your html page, that redirects to some
    "session expired" page after the session should have timed out.
    Just be careful: the session timeout is in minutes and javascript
    works in milliseconds.
    It's not possible to wire up some "SessionEnd" event to redirect the
    browser anywhere, as that event happens on the server long after the
    last request has been served.

    Hans Kesting
    Hans Kesting, Aug 30, 2007
    #2
    1. Advertising

  3. Joey

    Steve Guest

    1. I'd set them both to 30 minutes. The IIS config will handle the
    session state, and the forms auth will handle the authentication cookie.

    2. This is what the auth cookie lifetime is for, which you set in the
    forms auth section of the web.config. Once this lifetime expires, the
    cookie is deleted (effectively logging you out).


    Steve C.
    MCSD,MCAD,MCSE,MCP+I,CNE,CNA,CCNA


    Joey wrote:
    > I have an asp.net 2.0 app written in C# and VS2005. I sometimes have
    > issues where users leave a page onscreen and then come back to it a
    > few hours later and try to continue working. Of course, it doesn't
    > work then. Currently they will encounter some sort of error message
    > because the session has timed out.
    >
    > I need to develop a way to handle this!
    >
    > Some questions:
    >
    > 1) If I want to set my session to timeout at 30 minutes, what should i
    > set for session timeout both in IIS config and in the web.config file,
    > for forms authentication.
    >
    > 2) When I am using my online banking website, my webpage automatically
    > logs me out after a set amount of time. How do I do that with my code?
    >
    > Thanks in advance for your help!
    >
    Steve, Aug 30, 2007
    #3
  4. Joey

    Patrice Guest

    Or just test Session.IsNewSession on the next round trip.

    If the timeout for authentication is lower than the session timeout you
    should even have thsi done for use as the authentication module will
    redirect anyway the user to the login page...

    ---
    Patrice

    "Hans Kesting" <> a écrit dans le message de
    news: ...
    >> I have an asp.net 2.0 app written in C# and VS2005. I sometimes have
    >> issues where users leave a page onscreen and then come back to it a
    >> few hours later and try to continue working. Of course, it doesn't
    >> work then. Currently they will encounter some sort of error message
    >> because the session has timed out.
    >>
    >> I need to develop a way to handle this!
    >>
    >> Some questions:
    >>

    >
    >> 2) When I am using my online banking website, my webpage automatically
    >> logs me out after a set amount of time. How do I do that with my code?
    >>
    >> Thanks in advance for your help!
    >>

    >
    > You can have a javascript timer in your html page, that redirects to some
    > "session expired" page after the session should have timed out. Just be
    > careful: the session timeout is in minutes and javascript
    > works in milliseconds.
    > It's not possible to wire up some "SessionEnd" event to redirect the
    > browser anywhere, as that event happens on the server long after the last
    > request has been served.
    >
    > Hans Kesting
    >
    >
    Patrice, Aug 30, 2007
    #4
  5. Joey

    mark4asp Guest

    On Thu, 30 Aug 2007 06:23:18 -0700, Joey <>
    wrote:

    >I have an asp.net 2.0 app written in C# and VS2005. I sometimes have
    >issues where users leave a page onscreen and then come back to it a
    >few hours later and try to continue working. Of course, it doesn't
    >work then. Currently they will encounter some sort of error message
    >because the session has timed out.
    >
    >I need to develop a way to handle this!
    >
    >Some questions:
    >
    >1) If I want to set my session to timeout at 30 minutes, what should i
    >set for session timeout both in IIS config and in the web.config file,
    >for forms authentication.
    >
    >2) When I am using my online banking website, my webpage automatically
    >logs me out after a set amount of time. How do I do that with my code?
    >
    >Thanks in advance for your help!


    This wigit worked quite nicely for me. It stops the users who have
    timed-out from generating exceptions.

    http://www.eggheadcafe.com/articles/20051228.asp
    mark4asp, Aug 31, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Do
    Replies:
    2
    Views:
    6,347
  2. bruce barker

    Re: ASPX Page Timeout - Session Timeout

    bruce barker, Jul 20, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    11,099
    ASP.Confused
    Jul 20, 2004
  3. =?Utf-8?B?Q3JhaWc=?=

    formsauthentication timeout & session timeout

    =?Utf-8?B?Q3JhaWc=?=, Aug 10, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    2,636
    =?Utf-8?B?RU5JWklO?= .enizin.net>
    Aug 10, 2005
  4. =?Utf-8?B?Um9iSEs=?=
    Replies:
    4
    Views:
    5,254
    =?Utf-8?B?Um9iSEs=?=
    Apr 11, 2007
  5. Mark Probert

    Timeout::timeout and Socket timeout

    Mark Probert, Oct 6, 2004, in forum: Ruby
    Replies:
    1
    Views:
    1,271
    Brian Candler
    Oct 6, 2004
Loading...

Share This Page