Session Timeout

Hi,

My current application includes a login page, which deciphers the current user/security privileges etc.

Once this is determined I am populating session variables - which are used within subsequent sql queries / pages etc.

I am hoping to capture the session timing out so that I can the redirect the user back to the initial login page, so that the variables can be reset correctly (I don't want to use application variables).

This works fine, however, if the user happens to be within a frame when the session timesout, then the 'response.redirect' method brings the login page within the current frame.

Is there any way that I can break out of any frames they may happen to be in, so that the login page always shows up as being 'maximised'?

Andy
amtateAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

robbertCommented:
amtate,
in ASP, there is no method for windows, or frames.

In loginpage.asp, you can place;

<script language=javascript>
  if (self.location.href != top.location.href) {
    top.location.href = self.location.href
  }
</script>
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
cable4096Commented:
Put the response.redirect in the first HTML that loads the frame.

Target="_top" usually puts the page at the top on the client side. If you can somehow put that into the redirect, it might work.

You might also want to try meta tags

<meta http-equiv="refresh" content="1; URL=expired.asp">

But I am not sure how to put a target into there, unless:

<meta http-equiv="refresh" content="1; URL=expired.asp target=_top">

Works?

0
md_harrisCommented:
You could put the user redirection in the global.asa file in the Session_OnEnd block. Then put one of the previous javascripts on the login page to get out of any frames.


In global.asa:
---------------------
Session_OnEnd
  Response.Redirect("http://www.whatever.com/login.asp")
End Sub

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP

From novice to tech pro — start learning today.