Solved

Session Timeout - What constitutes Activity

Posted on 2006-12-01
9
434 Views
Last Modified: 2008-01-09
I have a web a web page which has two panels and a button to switch between them and a submit button on panel B

so the user enters data in the several text boxes on panel A then hits the Next button which hides panel A and shows Panel B,

it may take the user over 15 minutes to enter the data however the session timeout is set at 15 minutes, ive had reports from people saying by the time they finish entering data into both panels and hit the submit button they are being redirected to the login page


question
does typing into a text field constitute activity
does clicking on the [next] button which switches between panels constitute activity

or

does activity only occurs if a request is sent back to the server?

thanks
stephen
0
Comment
Question by:enterpriseireland
9 Comments
 
LVL 7

Accepted Solution

by:
Dimandja earned 250 total points
ID: 18055564
The session timeout has nothing to do with typing or anything else.  Session timeout occurs after the timeout has been reached regardless of any pending activities.

Session timeouts are renewed once the server has been hit.  This means simply typing into a datafield is meaningless: you must submit the typed data to renew a session time limit.

Some reading material on the subject:
http://www.extremeexperts.com/Net/Articles/RedirectingPageAfterSessionTimeout.aspx
http://aspalliance.com/520
http://www.codeproject.com/aspnet/Reconnect.asp
0
 
LVL 7

Expert Comment

by:jj819430
ID: 18055625
Dimandja is absolutely right.

You can use a javascript though to maintain your position.

Simple way:

Create a webform called SessionRenew.aspx

on the website do a function that runs every 5 minutes or so and uses the AJAX command (IE = GetXmlHttpObject)
and do a post to the sessionRenew page. That will renew the sessiontimeout.
0
 
LVL 44

Expert Comment

by:Arthur_Wood
ID: 18056155
Why have you set the Session timeout to 15 minutes, if it takes at least that long for users to enter the values required on the Web page, before they can submit it.  I would suggest that you should increase the Session Timeout to something closer to 30 minutes.

The purpose of the Session Timeout is to ensure that the session closes down if the user does NOT close it themselves, and simply walks away from the terminal.  

AW
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:enterpriseireland
ID: 18064243
we had a  security consultancy firms had a look at a system we were building and due to the nature of the data being supplied stated our session timeout should be 15, i would like to push it out to 30 minutes but we are not allowed, i was thinking about using ajax however the site were building has to be AA accessibility compliant, thus we cant use javascript
0
 
LVL 44

Expert Comment

by:Arthur_Wood
ID: 18065725
weell the, with a 15 minute session timeout, and the users statement that it takes then more than 15 minute to enter data on the page (which sounds very strangfe to me--what is requiring so much time to enter data on a single page?) then you would appear to have a serious problem.  YOu may want to consider breaking the data entry up into two stages, so that half of the datacan be entered, saved, and then the other hals of the data entered.  That should allow users to make a response to he Server before the 15 minute Seeion timeout has expired.

AW
0
 
LVL 7

Expert Comment

by:Dimandja
ID: 18069348
There are some ways of handling your timeout problem.

1. When you detect user activity (i.e. Keyboard events), you can make a quick trip to the server to renew the session.  
See an example here: http://www.codeproject.com/aspnet/Reconnect.asp

2. You can detect an impending session timeout, and alert the user.  The user can then allow the session to end (i.e. no response within a couple o minutes, etc...), or the user can let the application know that they are still laboring on inputting data (at which point you renew the session).
See an example here: http://www.thescripts.com/forum/thread224158.html

NOTE: All the examples I gave were not tested by me, and they are posted here as illustrations only.  You can find better/other code to accomplish the same functionnality.
0
 
LVL 7

Expert Comment

by:Dimandja
ID: 18272542
This question was fully answered.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This article describes a simple method to resize a control at runtime.  It includes ready-to-use source code and a complete sample demonstration application.  We'll also talk about C# Extension Methods. Introduction In one of my applications…
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now