State Management :: Destroying A Session Of A User From Another User
Apr 23, 2010
I am a little bit new at handling multiple sessions congruently.
Basically i have created a chat application. In which i have a moderator page.
Now the moderator has the privilege to block particular users from the chat. Every user including the moderator has a session variable defined as Session["UserID"].
e.g for the username "moderator" the Session["UserID"]=moderator.
Now as i am logged in as the moderator how do i delete the session of a particular user whom i want to block the chat from commencing.
We have a web site that implements a custom SiteMapProvider using a User Control added in the master page. I need to be able to limit the sitemap nodes added depending on the logged in user, that is, certain users should not see certain sitemap nodes. Currently, the login processing code determines if users are in the certain category or role and then sets a value in session state, for example, Session["UserInRoleXXX"] = "Yes"; I tried changing the code in the user control to check the session state, but I got the following error: NullReferenceException ... Object reference not set to an instance of an object." Can session state be accessed in a user control?
I have a very basic application with user authentication. I also have a grid in my masterpage that shows all the users logged on. However, after a user logs out, it still shows them to be logged on in the users grid for the duration of the session, which is 20 mins. How do I get the grid to exclude users who've logged out? Here's the code behind for the grid:
In my ASP.NET application I need to allow only one session for a user ? When a user does login more than once, I want to get to user's previous session and abandon it. I'm keeping track of all user sessions by means of session id. But Session.Abandon is available only for the current session associated with a request and not previous sessions. I have the session id of the user's previous session but how can I end it ?
I need to store a large amount of data in user's session but I guess using Session Object is not the best way of doing that. Is there any other way around??? Remember I don't have small variables to store, I have large collections.
Description: An error occurred during the parsing of a resource required to service this request. review the following specific parse error details and modify your source file appropriately.
i want to know how i can ReNew The Life Time Of Page.User.Identity.UserId Session, , how i can increase the Time Of this session ??
i want this scenario in case when the user LogOn for 15 minutes , then the page refreshed ,then renew the TimeOut Of Session by adding addtional 15 minutes and so on
note that im using Page.User.Identity.UserId Session
I am working on a site in which some pages are to be run on secured server(ie https) & some on non-secured(ie http) eg Login, User Information, etc. will be run under https & View cart, etc. are to be run on http. Now, when user chooses some products in his cart, he is prompted to enter login details. After he fills in his login detail(ie in https), he is redirected to Checkout. But here the Session doesn't picks the value and it shows Session[UserID] value null. So, rather then redirecting to Checkout it shows MyAccount page. Does anyone know how to pass Session Value from https to http.
My prior asp.net apps used windows authentication on an intranet. Now I'm developing an app for the internet and am stumbling over how to properly manage user sessions and state.
I first developed my web site functionality; created the SQL DB and got all of the pages to properly handle the data. Then, I installed the SQL Membership database and was able to get the CreateUser, Login, Logout pages to work. On the Verify process for the Userid, I added a step that will take the membership UserId value and create a Company record in my tables and link my CompanyId key with the UserId.
At Login time, I create a CompanyId session variable; each page uses it to retrieve records for the user. When Session Timeout occurs and the user click a link to another page, the app redirects properly to a Login page. However, if the time expires and then the user interacts on that same page, 'Object not set to an instance of the object' - the CompanyId session variable has expired.
What is the proper way to handle this? I'd like the page to automatically redirect to a TimedOut page (this would happen automatically without the user doing anything).
I considered writing a Function where I pass the Session variable I want and the Function sees if it exists; if it doesn't it would do a Response.Redirect to the TimedOut page...I can't get the Redirect to work in a Class Function ('reference to a non-shared member...').
I assumed that I should set CompanyId as a Session Variable so each page knows the user to get data for. Another approach is to use the membership User and if it is still valid, do a DB lookup to get the CompanyId. I did not choose this because I felt that it would increase DB traffic and web traffic.
Here are several relevant settings from my web.config:
I have one web application. In that, I have two pages. One is view/edit page and another one is login page. The view/edit page contains one edit button and one login button.
First I execute view/edit page, at that time I dont want to show edit button. When user clicks login button, the page will be redirected to login page, where the user has to enter username and password. If user enters both correct, again the page will be redirected back to view/edit page. This time, the edit button has to be shown to make some modifications, since the user is authenticated.
I tried this thing by using session with cookieless. It works perfectly but some times it shows web page not available. I made session timeout 120 minutes and cookieless is true. In URL session ID also available.
So, whats the alternate way to maintain user log state or whats wrong in web.config file.
I am looking for an elegant (i guess as elegant as it can be) solution to caching a users profile on login (whether it is session, cache, cookie, etc) and keeping it in sync when a users profile is changed. How do you guys handle this? Just simply call a Flush() method in your Save() method that invalidates the cache?
How can I redirect the user to the first page when they've been idle for more than 20 minutes or so?Here's my session timeout time in my web config file:
Ok so I am working on a control that when the user comes from a specific website then it will be a certain action. What would be the easiest way to do this?
We have take over a classic asp site. Everything works fine, but we are making improvements to some reports and adding new reports, so we are doing this in .NET, with that said, after reviewing the secuirty code, there are 2 sessions that are set and used thru-out the site as part of some of the individual page queries.
I know that the sessions are being populated, because the reports that use those values return records.. now with a new report we are working on, i need to pass those values into my query. But when i try using the session names the page is coming up saying the following:Object reference not set to an instance of an object.
Is there anyway to add something to my page code to see what sessions are actually being created and their values.. maybe im using the wrong variable names.. but the security code is pretty straight forward.. at login, if successful, 2 values are returned and stored in 2 sessions.. i need to use those with my new page.. so trying to figure out why the existing pages work fine with that and my new page does not..
Basically, i'd like to write to the screen the session variables that are being created on the login page.
