Forms authentication timeout event?

Is there an event fired when ASP.NET automatically logs a user out when using forms based authentication? I want to do two things at the point that the user's timeout (set in the web.config file) expires:

1) I log user activity in a legacy application which is done fine if they LogOut using the logout button, but I need to also add an audit record if the system logs them out.

2) I would like to re-direct to the login page, rather than the default operation which only redirects when they refresh the page.


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

I dont what you mean by system logging user out. Ok, if you mean you are logging out the user after the session expires, then "Session_End" fires. This event handler is in Global.asax.cs. In this event handler, you can not do any interactions with the browser, as it is fired with a Http request. You can do any other code behind stuff like, writing to a log application.

There are two ways you can do to redirect the user after certain inactivity. In your html, use  setTimeout setting from javascript to redirect the user. But strictly speaking, client side inactivty does not translate to session inactivity. Session would still gets timed out, even if the user is so active on the browser, but never have to postback in that 20 minutes time (assuming you have the session timeout set to 20 minutes), the session would still timeout. Remember session is a server side object. you can not manipulate it from the client side. But, this is how things are done in real world. Redirect the user after 20 minutes inactivity on the browser


sdj_workAuthor Commented:
That is not the timeout I mean. I appreciate there is a session timeout, but there is also a timeout for the built in Forms Authentication. For my web app the forms authentication expires after 5 minutes to make sure access to any pages is protected. The session timeout is sometime later, say 15 minutes of inactivity, and this tidies up resources. What I'd like to know is: is there an event fired when ASP.NET logs out the authenticated user?
Hello sdj_work

For the question, is there an event fired when ASP.NET logs out the authenticated user?
The answer is short and simple:
Alas, there is no event fires when ASP.NET logs out an authenticated user.

If you need an event to fire, you can use method CacheItemRemovedCallback delegate or define your own class to have a callback method which fires after an interval of time (ASP.NET logs out an authenticated user).

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.