Solved

Redirect when timed out

Posted on 2014-04-07
7
223 Views
Last Modified: 2014-04-11
I am using the script below for authorization and like to know if there is a way to extend, so when people were idle for about 20 minutes, they get redirected to a "timeout.asp" page.

<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers="admin"
MM_authFailedURL="failure.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
  If (false Or CStr(Session("MM_UserAuthorization"))="") Or _
         (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
    MM_grantAccess = true
  End If
End If
If Not MM_grantAccess Then
  MM_qsChar = "?"
  If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
  MM_referrer = Request.ServerVariables("URL")
  if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
  MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
  Response.Redirect(MM_authFailedURL)
End If
%>

Open in new window

0
Comment
Question by:hanskoens
  • 3
  • 2
  • 2
7 Comments
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 39983708
You have probably seen scripts for session timeout

<% 
    Session.Timeout = 30 
    Server.ScriptTimeout = 180
%>

Open in new window


But for the idle time out you need to adjust in your app pool in iis.

http://technet.microsoft.com/en-us/library/cc771956(v=ws.10).aspx
0
 
LVL 2

Author Comment

by:hanskoens
ID: 39983722
I have done that but for some reason without results. After changing I iisreset IIS and also rebooted server. I want the timeout session being part of the login session, if possible.
0
 
LVL 52

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 200 total points
ID: 39983758
The login session and idle time out are not the same.   You can set your session.timeout to 180 minutes if you want.  But, if the user is sitting and staring at their screen for more than 5 minutes, they will experience  a timeout.  

Another reason they could be prematurely timing out is if the app pool gets reset.   If you want somebody to be logged in for a long period of time, a cookie might be a good choice.  Otherwise, I found the idle timeout to be the weak link no matter what you have your session timeout set for in your code.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 32

Accepted Solution

by:
Big Monty earned 300 total points
ID: 39989854
if you are talking about if a user is on the same page for xxx amount of minutes and you want to redirect the user to another page after xxx amount of minutes has passed, then you'll need to set a timer in javascript, and when the time expires, do the appropriate action.

I use the following code to pop up a window that tells the user their login session has expired and gives them the choice to re-login. If they do, all of their session data is re-populated and they can go back to the page they were on without any issues.

window.setTimeout("timedout = true; window.open('/logout/timedout.htm','timedout','menubar=no,scrollbars=no,resizable=no,location=no,height=365,width=380')",300);

you'll notice the last parameter, in this case "300", is the time in seconds you want to set the timer for. So 60 x 5 minutes is 300 seconds.
0
 
LVL 2

Author Comment

by:hanskoens
ID: 39993542
Is there a way to close the popup window after 60 seconds automatcally?
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 39994185
please open a new question with a reference to link to this question
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 39994200
Yea, it is just in the javascript for the pop up.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction In a recent article (http://www.experts-exchange.com/A_7811-A-Better-Concatenate-Function.html) for the Excel community, I showed an improved version of the Excel Concatenate() function.  While writing that article I realized that no o…
Introduction While answering a recent question about filtering a custom class collection, I realized that this could be accomplished with very little code by using the ScriptControl (SC) library.  This article will introduce you to the SC library a…
Get people started with the process of using Access VBA to control Excel using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Excel. Using automation, an Access application can laun…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now