Solved

Session Timeout - What constitutes Activity

Posted on 2006-12-01
9
440 Views
Last Modified: 2008-01-09
I have a web a web page which has two panels and a button to switch between them and a submit button on panel B

so the user enters data in the several text boxes on panel A then hits the Next button which hides panel A and shows Panel B,

it may take the user over 15 minutes to enter the data however the session timeout is set at 15 minutes, ive had reports from people saying by the time they finish entering data into both panels and hit the submit button they are being redirected to the login page


question
does typing into a text field constitute activity
does clicking on the [next] button which switches between panels constitute activity

or

does activity only occurs if a request is sent back to the server?

thanks
stephen
0
Comment
Question by:enterpriseireland
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 7

Accepted Solution

by:
Dimandja earned 250 total points
ID: 18055564
The session timeout has nothing to do with typing or anything else.  Session timeout occurs after the timeout has been reached regardless of any pending activities.

Session timeouts are renewed once the server has been hit.  This means simply typing into a datafield is meaningless: you must submit the typed data to renew a session time limit.

Some reading material on the subject:
http://www.extremeexperts.com/Net/Articles/RedirectingPageAfterSessionTimeout.aspx
http://aspalliance.com/520
http://www.codeproject.com/aspnet/Reconnect.asp
0
 
LVL 7

Expert Comment

by:jj819430
ID: 18055625
Dimandja is absolutely right.

You can use a javascript though to maintain your position.

Simple way:

Create a webform called SessionRenew.aspx

on the website do a function that runs every 5 minutes or so and uses the AJAX command (IE = GetXmlHttpObject)
and do a post to the sessionRenew page. That will renew the sessiontimeout.
0
 
LVL 44

Expert Comment

by:Arthur_Wood
ID: 18056155
Why have you set the Session timeout to 15 minutes, if it takes at least that long for users to enter the values required on the Web page, before they can submit it.  I would suggest that you should increase the Session Timeout to something closer to 30 minutes.

The purpose of the Session Timeout is to ensure that the session closes down if the user does NOT close it themselves, and simply walks away from the terminal.  

AW
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:enterpriseireland
ID: 18064243
we had a  security consultancy firms had a look at a system we were building and due to the nature of the data being supplied stated our session timeout should be 15, i would like to push it out to 30 minutes but we are not allowed, i was thinking about using ajax however the site were building has to be AA accessibility compliant, thus we cant use javascript
0
 
LVL 44

Expert Comment

by:Arthur_Wood
ID: 18065725
weell the, with a 15 minute session timeout, and the users statement that it takes then more than 15 minute to enter data on the page (which sounds very strangfe to me--what is requiring so much time to enter data on a single page?) then you would appear to have a serious problem.  YOu may want to consider breaking the data entry up into two stages, so that half of the datacan be entered, saved, and then the other hals of the data entered.  That should allow users to make a response to he Server before the 15 minute Seeion timeout has expired.

AW
0
 
LVL 7

Expert Comment

by:Dimandja
ID: 18069348
There are some ways of handling your timeout problem.

1. When you detect user activity (i.e. Keyboard events), you can make a quick trip to the server to renew the session.  
See an example here: http://www.codeproject.com/aspnet/Reconnect.asp

2. You can detect an impending session timeout, and alert the user.  The user can then allow the session to end (i.e. no response within a couple o minutes, etc...), or the user can let the application know that they are still laboring on inputting data (at which point you renew the session).
See an example here: http://www.thescripts.com/forum/thread224158.html

NOTE: All the examples I gave were not tested by me, and they are posted here as illustrations only.  You can find better/other code to accomplish the same functionnality.
0
 
LVL 7

Expert Comment

by:Dimandja
ID: 18272542
This question was fully answered.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Although it is an old technology, serial ports are still being used by many hardware manufacturers. If you develop applications in C#, Microsoft .NET framework has SerialPort class to communicate with the serial ports.  I needed to…
Entity Framework is a powerful tool to help you interact with the DataBase but still doesn't help much when we have a Stored Procedure that returns more than one resultset. The solution takes some of out-of-the-box thinking; read on!
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question