I have a button that executes a script using AJAX.Normally when a session is still active the script will return some data that will be placed inside the parent page.If the session expired the AJAX will return the login screen which gets placed inside the parent page which looks really odd.How would I be able to detect a session timeout and do a postback on the parent page?
View 2 RepliesI am trying to detect a session state timeout in my asp.net application and am unable to do so. I have a base class that derives from System.Web.UI.Page as follows:-
public class BasePageSessionExpire : Page
{
override protected void OnInit(EventArgs e)
{
base.OnInit(e);
if (Context.Session != null)
{
if (Session.IsNewSession)
{
string szCookieHeader = Request.Headers["Cookie"];
if ((null != szCookieHeader) && (szCookieHeader.IndexOf("ASP.NET_SessionId") > 0))
{
Session.Abandon();
Response.Redirect("~/SessionExpired.aspx",true);
}
}
}
}
}
All the pages I need session state checking on derive from this base class instead of "System.Web.UI.Page". Also, all these pages have EnableSessionState="True". I have a blank Session_Start() method in my global.asax file if that is relevant at all.
For some reason after the first request, the "Session.IsNewSession" property is always false. It is true only for the first request and then is always false. I have my timeout set to 1 minute. The session never seems to timeout. What am I missing here ?
Also I have implemented a state server in SQL Server 2008. This is not an in-proc session state implementation.
There is a thread addressing this but it does not provide the type of answer I am seeking.
When login page is requested due to timeout, there is query string parameter "ReturnUrl" which is very nice and I want to keep that. However, timeout is not the only scenario that generates that parameter. If a restricted page is requested before the user is authenticated, such parameter exists too.
Here is my question is, how can the timeout be detected in the code-behind of the login page assuming the login page is directed to by IIS not by code-behind?
When using modalpupextender ..after post back the ModalpopupExtender not working !!
View 1 RepliesWe have the timeout value set to 120 in our <form> tag within the web.config. We do not have a session timeout set.. and we have various connection strings.
We are having a problem where a session variable will disappear (become NULL) .. but, the form evidently remains 'open'.. or no re-login is required..... so, my question(s):
1. what is the relationship between form timeout and session timeout
2. how do I set session timeout
I wanna write a method to get or set session timeout at run time.
View 1 Repliesi am using a multi selecting file upload control which is postBack free.
I am using session timeout.
My problem is that during files uploading my session got expired. Bcoz my uploader not being postback so i can't enhance session timeout. and while uploading my session got expired and process was not ompleted, causes some imp files could not uploaded.
I just want to know how to detect a page is refreshed or reloaded apart from Postback. Just clicking the reload button in the browser...
View 1 RepliesI've seen multiple articles like this one that explain how to detect that a user's session has timed out. And for clarity's sake, these articles are referring to the timeout value defined by this web.config line:
<sessionState mode="InProc" cookieless="UseDeviceProfile" timeout="120" />
Not to get into that method too much, but this involves checking that Session.IsNewSession is true and that a session cookie already exists. But I haven't seen any articles on how to detect authentication timeout -- the one defined by this web.config line:
<authentication mode="Forms">
<forms loginUrl="~/Home/Customer" timeout="60" name=".ASPXAUTH" requireSSL="false" slidingExpiration="true" defaultUrl="~/Home/Index" cookieless="UseDeviceProfile" enableCrossAppRedirects="false"/>
</authentication>
Multiple articles online, including this SO post, have said that your Session timeout value should generally be double your Authentication timeout value. So right now, as above, my Session is 120 and my Authentication is 60. This means that I'll never get in a situation where the Session has timed out, but the user is still Authenticated; if the user ever times out, it will be due to Authentication, not Session.
I'm load testing an asp.net app.The load test is simulating 500 user doing searchs on the site and browsing the results. I'm observing that the more I reduce the session timeout limit (in web.config) the better the page response time.exemple, with a timeout at 10 minutes, I got an average response time of 8.35 seconds.
With a timout at 3 minutes, the average response time for the same page is 3,98 seconds.The session in stored "InProc".
I have a site that when a user logs in it sets their initials into a session variable and sets the timeout value like so:
[Code]....
I want the user to be logged in for 3 hours. This does not work, the session expires after a short period of time, maybe 20 minutes. What do I need to change to make this page level validation work?I have tried setting in web.config also, but this doesn't work either.
<sessionState mode="InProc" cookieless="true" timeout="180" />
We have a asp.net application where users will apply for jobs online. When users fill out the form the page isn't timing out the session. If a user goes back to the main page the last user's information is still available.
I have setup many websites and have never had to make any changes on IIS, under the configuration within the website. The default is 20 minutes we can change it to 8 or 10, but I think this issue should be taken care of in the code. The setting will affect the entire site instead of the pages that need to timeout.
What is the best way to do this within the code?
I have one website in which there is one page along with one ascx as registered into it. In the ascx where user can add some order details and click on "Make Payment" button, then there are following 2 cases...Case I: If user was not logged in, then a modal popup will open which has login ascx with 2 buttons Register & Login. In this case user either Login or Register and continue with "Make Payment".
View 5 RepliesThe session state timeout is set using this web.config element
<sessionState mode="InProc" cookieless="false" timeout="120" />
The forms auth is configured using this web.config element
<system.web>
<authentication mode="Forms">
<forms loginUrl="Login.aspx"
protection="All"
timeout="30"
name=".ASPXAUTH"
path="/"
requireSSL="false"
slidingExpiration="true"
defaultUrl="default.aspx"
cookieless="UseDeviceProfile"
enableCrossAppRedirects="false" />
</authentication>
</system.web>
What is the difference between the timeouts specified in each of these elements? If both are different, how would it work?
i would like to redirect user to login page after defining session timeout
how to redirect the user to my login.aspx and how to set session time out within web.config
How can I remove or Dispose a session once user navigate from one page to other. I just want to use a session which should expire when user navigate to other page..its same like view state..we don't get viewstate information on page to page. why session: i need to keep one value on page constant on page refresh where as Viewstate will be reset to null on page refresh...and i just don't want to use that session once user navigate to other pages.. where i need to plcae the session dispose in page events or methods?..or is there any way to keep viewstate on page refresh?
View 9 RepliesI have a aspx page, in that page i have an Iframe. In the Iframe i do some stuff in code behind and when it is done I would like to do a postback from the aspx. In other words, Is it possible to do a postback programatically from the code behind of the iframe to the parent page?I think a postback can be done using "ClientScript.GetPostBackClientHyperlink(New Control(), String.Empty)" but that will only do a postback for the iframe i think.
View 4 Repliesi have two web aplications running on different sites.
1. site gets user information and show another website (2. site) in an i frame. but when i do this 2. site session starts again on every page.postback . if i connect to 2. site without 1. site everything works well.
I have a page of each every click has ajax call to my server (hence, the ASP extends the session)
I have ASP.NET session set to Xmin. I want when X+1 min expires, I have expiration page. what I did was to set the JS timer to validate every x+1min to see if the session expired (the problem is that the JS and the ASP session timeouts are not synced)
I want to redirect to login page,when session is timedout. Here is the link i am following [URL] ...
For example: If i am in the page called http://localhost/RealWebApp/Dashboard/RealProfile.aspx
when session is timed out, this page is showing like http://localhost/RealWebApp/Dashboard/logout.aspx
But i wanted to be like : http://localhost/RealWebApp/logout.aspx
If I use like this in master page:
meta.Content = Convert.ToString(Session.Timeout * 60) + ";url=../LogOut.aspx";
then it is redirecting to http://localhost/Logout.aspx
But i wanted to be like : http://localhost/RealWebApp/logout.aspx
How to accomplish this:
protected void Page_Load(object sender, EventArgs e) {
HtmlMeta meta = new HtmlMeta();
meta.HttpEquiv = "Refresh";
meta.Content = Convert.ToString(Session.Timeout * 60) + ";url=LogOut.aspx";
this.Page.Header.Controls.Add(meta);
}
How to page redirect in Global.asax Session_End ?
View 1 RepliesThe Silverlight app has a link to a different group of reports. This *was* working fine but no more. In the following code you can see the 'Reports' part that it calls another page [URL] namely right here: WHat is happening is when the reports page is called, it goes into 'Session timeout ' right away.
<
StackPanel Orientation="Horizontal"
VerticalAlignment="Top" HorizontalAlignment="Right"
Margin="5, 1">
<HyperlinkButton x:Name
="ReportsLink"
[Code]....
I have several usercontrols which are loaded based on business logic.However, all of them have webcontrols whose selected/entered value needs to be accessible in parent page on an event.Since there can be any combination of UserControls, I do not want to load all the UserControls in the Parent Page, since they are heavy.
I would like to load only those controls which are supposed to appear on the page, yet access the value from the usercontrol which caused the postback. (I would rather not access using Request.Form) (ViewState is open, but unsuccessful to store value in parent page's viewstate in onClick)Here is a sample scenario
Page: Home
Dynamically Loads: UserControls1
UserControls has TextBox tb and Button btn, causing onClick
When btn is clicked, I want to get value of tb in parent page on PostBack, Page creates UserControl2
I created a user control for my web application that checks for Session Timeout. If the criteria are met for Timeout, I use Response.Redirect to send the user back to the login page. I include this user control in my Master page, and run the SessionTimeoutcode in the user control's Page_Init event. That all works great. However, once the user logs in again after time-out (and I have verified that the OnLoggedIn event does fire) the user is redirected to the DestinationPageUrl. That page runs the Session Timeout check when it loads (as it should) and the Session Timeout code "says" that the session is still timed-out.
View 1 RepliesI'm working to set up/correct my session timeout code, and have consulted numerous articles like this one and this SO post for ideas on how best to do this. The solution to detecting a session timeout that I continue to see over and over is to first check the Session.IsNewSession property for true, and if so, then check to see if a session cookie already exists. I guess the logic here is that the user has ended their last session that timed out, started a new session, but the old cookie wasn't yet removed. The code for those checks looks like this:
[CODE]...
The problem is that the session does not end, and all of my session timeout checks are in the Home/Customer action (I use MVC). So I'm redirected to Home/Customer, and I run through the checks above, but when I get to Session.IsNewSession, it's false, because the session is still alive (I assume because I'm still within the 120 minutes I have set)