• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 140
  • Last Modified:

When using Forms authentication is there a way to redirect the user back to the login page if they are inactive for a given period of time.

I have an application that uses forms authentication to Authenticate against the Active Directory.  If there is no activity for 30 minutes or more and the user then tries to do anything, navigate to a different page, click the submit button etc. I want them to be redirected back to the login page.

In the Web.config file I have the following entries:

    <authentication mode="Forms">
        <forms loginUrl="logon.aspx" name="adAuthCookie" timeout="30" path="/"></forms>

    <sessionState mode="InProc"
            sqlConnectionString="data source=;user id=sa;password="

What happens when the use tries to navigate to a new page after 30 minutes is the session has expired so when the code on the page they are navigating to looks for a session variable it throws an error.  I want them to be sent back to the login page where they can login again, the session variables will be reset and they will then get redirected to the page they want.
1 Solution
When the user logs in are you setting the Session.Timeout equal to the Forms.Timeout?  Are you saving a persistant authentication cookie or just using the standard cookie?  Please could you post your authentication procedure?
leskellyAuthor Commented:
I resolved the problem by adding code that checks one of the sessions variables and , if it is blank redirects the user to the login page.  I forgot to close this question and I apologize for that.

PAQed with points refunded (250)

Community Support Moderator

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now