Re: [DotNetDevelopment] Handling session timeout in ASP.Net 2 vs IIS 6.

Tue, 26 Jan 2010 22:45:31 -0800 

You can override OnInit of Page class, and check if the session created is
new by calling IsNewSession( ) of HttpSessionState

Check this out for details
http://aspalliance.com/520_Detecting_ASPNET_Session_Timeouts.all

On Tue, Jan 26, 2010 at 2:37 PM, Burbletrack <[email protected]> wrote:

> Hi all,
>
> I am developing a web application in ASP.Net 2.
>
> The landing page is a login page with two other pages "Contact Us" and
> "Password Reminder" that allow anonymous access. When the user is
> loged in and accessing other pages, upon session timeout, the user
> must be redirected to the login page unless he/she is allready in the
> login page or one of the anonymous pages.
>
> I have the following code in my Global.asax file.
>
>        protected void Session_Start(object sender, EventArgs e)
>        {
>            string request_cookies = Request.Headers["Cookie"];
>
>            if ((null != request_cookies) && (request_cookies.IndexOf
> ("ASP.NET_SessionId") >= 0))
>            {
>                string lastLocation = Request.FilePath;
>
>                switch (lastLocation)
>                {
>                    case "/Login.aspx":
>                    case "/ContactUs.aspx":
>                    case "/PasswordRetrieve.aspx":
>                        return;
>                    default:
>                        Response.Redirect("~/Login.aspx?timeout=1");
>                        break;
>                }
>            }
>        }
>
> This works well when running in debug mode / .Net environment. When
> session is timed out, the user is successfully redirected to the login
> page. The login page then uses the following code to activate a label
> indicating that timeout has occured...
>
>        protected void Page_Load(object sender, EventArgs e)
>        {
>            if (Request.Params["logout"] == "1")
>            {
>                Session.Remove("CurrentUser");
>            }
>
>            if (Request.Params["timeout"] == "1")
>            {
>                lblTimeout.Visible = true;
>            }
>        }
>
> Like I said, all this works fine in debug mode, but when hosted in IIS
> 6, upon timeout, the user is redirected to the login screen, but it
> seems an infinite loop of some kind is occuring and it keeps
> redirecting to the login page even thoug it is allready there. As if
> the login page keeps posting back.
> Has anyone experienced this before? Any solutions?
>
> Regards.
>

Reply via email to