Solved

Session Timeouts

Posted on 2000-02-25
9
317 Views
Last Modified: 2006-11-17
I have a huge web application that basically lives on the session of a customer id. And it takes a user almost 2 hrs to complete his work if he sits continuously at the terminal.

If he idles for about 20 mins..drinking a cup of coffee or he is over the phone...the session would time out.

But my application decides to insert null values of customer id into the db and thereby invoking primary key and foreign key constraint errors which have been imposed to avoid

1. for null
2. duplication
3. child tables can get the data only if the related key is a primary key in the main table..

Now I want this user to be not to be able to conitnue and be thrown to the mainpage and if he logs in again my code will anyway take him to the page where he left of as that is being already handled.

I also want the user to know that his session has timedout. How do I let the user know.
Please note that I am using basic authetication... and my session("cust_id") = request.servervariables("logon_user")
Can the global.asa handle redirection code. As far as i know global.asa never gets executed so Http://  requests are not possible.
Pl. somebody let me know as soon as you can
0
Comment
Question by:qualityacube
9 Comments
 
LVL 18

Expert Comment

by:mgfranz
ID: 2559616
Redirects are handled fine by the Response.Redirect()

<%  Session.Timeout = 20  %>

See the Managing Sessions page;

http://msdn.microsoft.com/library/psdk/iisref/iiapsess.htm
0
 

Author Comment

by:qualityacube
ID: 2559833
I know the default session is 20. And I have increased it too.

But I would like to know how it is exactly handled when it times out.

And how would the session_onEnd would look like to handle such timeouts.

I am not programmatically timing out and dont want to.
0
 
LVL 18

Expert Comment

by:mgfranz
ID: 2559847
When it times out, it is the same as a Session.Abandon() event.
0
 

Author Comment

by:qualityacube
ID: 2559887
Fine... it times out...

when the user clicks on refresh...on the page.. what happens ?

It seeks in the global.asa and sees on session_onEnd what it has to do..

in the session_onEnd do I have to give a response.redirect("url") to some URL. I need a working example please if you can.

I am also seeing how OWA functions.

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 18

Expert Comment

by:mgfranz
ID: 2559926
I don't have any working examples on a Redirect, but you should be able to just write a sub that redirects on timeout...
0
 

Author Comment

by:qualityacube
ID: 2559943
i did write one and put it in global.asa

Sub Session_OnEnd
response.redirect("http://www.clarixxon.com")
end sub

it never worked.


I added the same code in another file...it never worked.


0
 
LVL 25

Expert Comment

by:clockwatcher
ID: 2560220
You'll have to check when they make the next request whether they're logged in or not and then redirect.

On login set up a flag to indicate a logged in status.

<% session("loggedin") = true %>

Then create code which does a redirect if they're not logged in.

logcheck.asp
<%
  if not session("loggedin") then  
%>
<html>
<script language="javascript">
function notloggedin() {
  location.href="login.asp";
}
</script>
<body onload=
"window.setTimeout('notloggedin()', 500);">
Sorry, either your session timed out or you're trying to access this page before you've logged in.  Redirecting to login page.
</body>
</html>
<% response.end
  end if %>

Then in every page that you need to make sure that the person is logged in simply include the file above.

<!-- #include virtual="/virtual/path/to/logcheck.asp" -->
<%  rest of your page goes here %>
0
 

Author Comment

by:qualityacube
ID: 2561118
Yipee... Clockwatcher.. Thats what I did.

I accomplished the same yesterday.
I am anyway capturing the
session("cust_id")=request.servervariables("LOGON_USER")

I had an .inc file put in place with the

if session("cust_id") = "" then
   response.redirect ("URL")
end if.

and it was working perfectly fine.

Thanks all the same.

For your info...I cant have my own timeouts... I need to go by the IIS timeout settings.
0
 

Accepted Solution

by:
gkostov earned 75 total points
ID: 2568232
----common.asp-----
<%      sub HTMLHeader(title) %>
      <html><head><title><%= title %></title></head><body>
<%      CheckExpired
      end sub %>

<%      sub HTMLFooter %>
      </body></html>
<%      end sub %>

<%      sub Expired %>
      Your session expired. Please <a href="default.asp">relogin</a>
<%      end sub %>

<%      sub CheckExpired
            if IsEmpty(Session("CUST_ID")) then Expired : HTMLFooter : Response.End
      end sub %>
----default.asp-----
<%@      language=VbScript %>
<%      option explicit %>

<!-- #include file="common.asp" -->

<%      Session("CUST_ID") = Request.ServerVariables("LOGON_USER")
      call HTMLHeader("Welcome") %>

      Welcome <%= Session("CUST_ID") %><br>
      Go <a href="here.asp">here</a><br>
      Go <a href="there.asp">there</a><br>
      Go <a href="abandon.asp">there thru abandon :o)</a>

<%      HTMLFooter %>
----here.asp-----
<%@      language=VbScript %>
<%      option explicit %>

<!-- #include file="common.asp" -->

<%      call HTMLHeader("Here") %>

      <%= Session("CUST_ID") %>, you are here

<%      HTMLFooter %>
----there.asp-----
<%@      language=VbScript %>
<%      option explicit %>

<!-- #include file="common.asp" -->

<%      call HTMLHeader("Here") %>

      <%= Session("CUST_ID") %>, you are there

<%      HTMLFooter %>
----abandon.asp-----
<%@      language=VbScript %>
<%      option explicit %>

<!-- #include file="common.asp" -->

<%      Session.Abandon
      Response.Redirect("there.asp") %>
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:  The Exchange of information …
I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now