Re - login due to session expired in ASP

In many of the sites which require login id to enter , after some time of logging in if the user is inactive the message comes "The session has expired. Please Re-login". How to set this Expire Time Value and how to capture the expire of time through ASP.

I have designed a web site which runs on IIS and i have not set any expire time in the ASP code. but after logging in if I dont do anything for some time, and then i click on any of the hyperlinks, it takes me directly to login page of my site. How is that possible and what should i do to capture it.

Also, Is it possible to capture the Internet Explorer errors such as error no. 401,402 etc.
Please help me in both these questions
suryaperiAsked:
Who is Participating?
 
fz2hqsConnect With a Mentor Commented:
Apologies if my comment came accross rude. You must already have a bit of code that checks for certain sessions variables then if not there redirects to the log in page, IIS is not intelligent enough to do it by itself.

You simply need to adjust the logic in that redirect. Hopefully you use an include page that has the session check in, where it issues a response.redirect "/whatever_the_login.asp" just append a "?Err=Timeout" to the appropriate redirect Then have some logic on the login page that if the request includes the Err=Timeout you give the user a big error message telling them that they shouldn't drink so much tea, and do a bit more work
0
 
fz2hqsCommented:
(I'll assume Win2k) The Session timeout is by default 20 mins, you can access it through the IIS MMC get the properties of the website in question and under the home directory tab press the configuration button. Go to the app options tab. From that point on it is fairly obvious.

Custom Errors. First off go and create your own error handling pages - they need not handle the error, might just be a search page. Next in the IIS MMC again, properties of the site, then the Cutom Errors tab. Pick out the error you want to replace with the path to your new page.

-Stuart

0
 
tomvergoteCommented:
just on a side note:
don't set your session timeout too hight, it will adversely affect your servers performance as session-objects will be stored in memory for as long as the session lasts.
If new users connect but old sessions don't time out you will have a serious memory/stability problem

You can also set the timeout for a specified session through code (session.timeout = numseconds), then the timeout for that particular session will be raised to numseconds sec.

for the rest: fz2hqs answered it already
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
suryaperiAuthor Commented:
thanx fz2hqs:
what u told i already know. but the problem is:

the website goes to login page automatically after the user does not do anything some time and then clicks any hyperlink. i want to capture that and take the user to another page which tells him why he has to re-login or that he should not leave page inactive for much time.

pl. consider this
suryaperi
0
 
tomvergoteCommented:
try this:
when the user first logs in, you set a cookie for an hour or two which remembers the user was previously logged in

in your login page you test for the cookie, and if the user had previously been logged in you show your sessiontimeout-message, otherwise you show a normal login page.

not an ideal solution but it should work
0
 
suryaperiAuthor Commented:
dear fz2hqs

ok now i got ur point. i m having session variable userid which checks at the starting of each page whether the userid has privilege to view that page or not. if not then it takes user to login page

 so what i guess is  when session expires all session variables vanish the checking at the start of each page fails and takes to login page. i m sorry as i forgot that session variables vanish on expire of a session.

thanks for ur help
0
 
suryaperiAuthor Commented:
dear fz2hqs

ok now i got ur point. i m having session variable userid which checks at the starting of each page whether the userid has privilege to view that page or not. if not then it takes user to login page

so what i guess is  when session expires all session variables vanish the checking at the start of each page fails and takes to login page. i m sorry as i forgot that session variables vanish on expire of a session.

thanks for ur help
0
All Courses

From novice to tech pro — start learning today.