Cloud9_User
asked on
Easy 500 - ASP.NET Closing Sessions
I'm was currently working on a secure adminstration area for a website. The user will login and their details are validated/authenicated by means of an access database. A session is created. What would be the best to stop people from directly accessing the secure pages behind the login.
What i'd like is to response.redirect the user back to the login.aspx if no valid session etc exists. Also when the browser is closed i'd like the session/authenication to end... very similiar to how the login part of experts exchange works.
Any help or advice appreciated!
What i'd like is to response.redirect the user back to the login.aspx if no valid session etc exists. Also when the browser is closed i'd like the session/authenication to end... very similiar to how the login part of experts exchange works.
Any help or advice appreciated!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Handling the session isn't too much of a problem, getting the session to close is though. i know it timeouts after a set period i.e 20 minutes by default but i'd like to have it closed when the browser closes.
Does any know how the likes of experts exchange and googles gmail do it?
Does any know how the likes of experts exchange and googles gmail do it?
Have you tried:
Session.Abandon();
Or maybe even having an unload event that does something like (but it creates the problem of having to know what page someone is leaving the site from, not a very good solution):
Session.Timeout=1;//timeou ts must be greater than 0, so you won't be able to do that :P
Session.Abandon();
Or maybe even having an unload event that does something like (but it creates the problem of having to know what page someone is leaving the site from, not a very good solution):
Session.Timeout=1;//timeou
ASKER