• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 157
  • Last Modified:

dealing session

In ASP.NET 2.0 with C# I want that whenever there is a session timeout or the user pressed for signout
to link to a starting page of login.
Is it OK to do the following?
In global.asax in Session_end event to write:
void Session_End(object sender, EventArgs e)
         Session_Start(sender, e);

and in Session_Start to call the page of login

void Session_Start(object sender, EventArgs e)
         string linkurl = "loginappl.aspx";
         Server.Transfer(linkurl, true);

How do I handle pages that were left open and the session has timeout?
  • 2
1 Solution

Session_OnEnd is kind of non deterministic call. Check out this article for details and workaround: www.eggheadcafe.com/articles/20030416.asp

For your specific problem of restarting a fresh session, instead you can try maintaining the same session by sending a AJAX request to a page called 'LoginAppl.aspx?sess=restart" You save a lot of server resources.
ANAT2403Author Commented:
Let me explain exactly what are my aim:
I want that when ever there is a session time out or the user pressed on a button of signout -
to have the first screen of login which will force the user to enter his password before he can proceed.
I also want to control that if the user got the login screen and pressed on the back page he will not be able
to do anything and get the login page again.
I want to imitate the web outlook access that pages are left and you made sign out.
I am not dealing at the moment with multiple users and I don't want to use the ajax.
What I wrote is working O.K. but I want to be sure that there is no problem with it and I am willing to learn about other ways.
Thank You
Create a web.config file as below and place it in application root. This will deny access to every user and redirects them to login.aspx

    <authentication mode="Forms" />

  <location allowOverride="false" path="\">
      <deny users="*" />
one more solution:
Create a global.asax file and place it in root directory of ur application

<Script Runat="Server">

Sub Session_Start
  If Instr( Request.Path.ToLower, "/login.aspx" ) = 0 Then
    Response.Redirect( "login.aspx" )
  End If
End Sub

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now