Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 327
  • Last Modified:

Session Timeouts

I have a huge web application that basically lives on the session of a customer id. And it takes a user almost 2 hrs to complete his work if he sits continuously at the terminal.

If he idles for about 20 mins..drinking a cup of coffee or he is over the phone...the session would time out.

But my application decides to insert null values of customer id into the db and thereby invoking primary key and foreign key constraint errors which have been imposed to avoid

1. for null
2. duplication
3. child tables can get the data only if the related key is a primary key in the main table..

Now I want this user to be not to be able to conitnue and be thrown to the mainpage and if he logs in again my code will anyway take him to the page where he left of as that is being already handled.

I also want the user to know that his session has timedout. How do I let the user know.
Please note that I am using basic authetication... and my session("cust_id") = request.servervariables("logon_user")
Can the global.asa handle redirection code. As far as i know global.asa never gets executed so Http://  requests are not possible.
Pl. somebody let me know as soon as you can
0
qualityacube
Asked:
qualityacube
1 Solution
 
mgfranzCommented:
Redirects are handled fine by the Response.Redirect()

<%  Session.Timeout = 20  %>

See the Managing Sessions page;

http://msdn.microsoft.com/library/psdk/iisref/iiapsess.htm
0
 
qualityacubeAuthor Commented:
I know the default session is 20. And I have increased it too.

But I would like to know how it is exactly handled when it times out.

And how would the session_onEnd would look like to handle such timeouts.

I am not programmatically timing out and dont want to.
0
 
mgfranzCommented:
When it times out, it is the same as a Session.Abandon() event.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
qualityacubeAuthor Commented:
Fine... it times out...

when the user clicks on refresh...on the page.. what happens ?

It seeks in the global.asa and sees on session_onEnd what it has to do..

in the session_onEnd do I have to give a response.redirect("url") to some URL. I need a working example please if you can.

I am also seeing how OWA functions.

0
 
mgfranzCommented:
I don't have any working examples on a Redirect, but you should be able to just write a sub that redirects on timeout...
0
 
qualityacubeAuthor Commented:
i did write one and put it in global.asa

Sub Session_OnEnd
response.redirect("http://www.clarixxon.com")
end sub

it never worked.


I added the same code in another file...it never worked.


0
 
clockwatcherCommented:
You'll have to check when they make the next request whether they're logged in or not and then redirect.

On login set up a flag to indicate a logged in status.

<% session("loggedin") = true %>

Then create code which does a redirect if they're not logged in.

logcheck.asp
<%
  if not session("loggedin") then  
%>
<html>
<script language="javascript">
function notloggedin() {
  location.href="login.asp";
}
</script>
<body onload=
"window.setTimeout('notloggedin()', 500);">
Sorry, either your session timed out or you're trying to access this page before you've logged in.  Redirecting to login page.
</body>
</html>
<% response.end
  end if %>

Then in every page that you need to make sure that the person is logged in simply include the file above.

<!-- #include virtual="/virtual/path/to/logcheck.asp" -->
<%  rest of your page goes here %>
0
 
qualityacubeAuthor Commented:
Yipee... Clockwatcher.. Thats what I did.

I accomplished the same yesterday.
I am anyway capturing the
session("cust_id")=request.servervariables("LOGON_USER")

I had an .inc file put in place with the

if session("cust_id") = "" then
   response.redirect ("URL")
end if.

and it was working perfectly fine.

Thanks all the same.

For your info...I cant have my own timeouts... I need to go by the IIS timeout settings.
0
 
gkostovCommented:
----common.asp-----
<%      sub HTMLHeader(title) %>
      <html><head><title><%= title %></title></head><body>
<%      CheckExpired
      end sub %>

<%      sub HTMLFooter %>
      </body></html>
<%      end sub %>

<%      sub Expired %>
      Your session expired. Please <a href="default.asp">relogin</a>
<%      end sub %>

<%      sub CheckExpired
            if IsEmpty(Session("CUST_ID")) then Expired : HTMLFooter : Response.End
      end sub %>
----default.asp-----
<%@      language=VbScript %>
<%      option explicit %>

<!-- #include file="common.asp" -->

<%      Session("CUST_ID") = Request.ServerVariables("LOGON_USER")
      call HTMLHeader("Welcome") %>

      Welcome <%= Session("CUST_ID") %><br>
      Go <a href="here.asp">here</a><br>
      Go <a href="there.asp">there</a><br>
      Go <a href="abandon.asp">there thru abandon :o)</a>

<%      HTMLFooter %>
----here.asp-----
<%@      language=VbScript %>
<%      option explicit %>

<!-- #include file="common.asp" -->

<%      call HTMLHeader("Here") %>

      <%= Session("CUST_ID") %>, you are here

<%      HTMLFooter %>
----there.asp-----
<%@      language=VbScript %>
<%      option explicit %>

<!-- #include file="common.asp" -->

<%      call HTMLHeader("Here") %>

      <%= Session("CUST_ID") %>, you are there

<%      HTMLFooter %>
----abandon.asp-----
<%@      language=VbScript %>
<%      option explicit %>

<!-- #include file="common.asp" -->

<%      Session.Abandon
      Response.Redirect("there.asp") %>
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now