• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 239
  • Last Modified:

Redirect when timed out

I am using the script below for authorization and like to know if there is a way to extend, so when people were idle for about 20 minutes, they get redirected to a "timeout.asp" page.

<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers="admin"
MM_authFailedURL="failure.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
  If (false Or CStr(Session("MM_UserAuthorization"))="") Or _
         (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
    MM_grantAccess = true
  End If
End If
If Not MM_grantAccess Then
  MM_qsChar = "?"
  If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
  MM_referrer = Request.ServerVariables("URL")
  if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
  MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
  Response.Redirect(MM_authFailedURL)
End If
%>

Open in new window

0
hanskoens
Asked:
hanskoens
  • 3
  • 2
  • 2
2 Solutions
 
Scott Fell, EE MVEDeveloperCommented:
You have probably seen scripts for session timeout

<% 
    Session.Timeout = 30 
    Server.ScriptTimeout = 180
%>

Open in new window


But for the idle time out you need to adjust in your app pool in iis.

http://technet.microsoft.com/en-us/library/cc771956(v=ws.10).aspx
0
 
hanskoensAuthor Commented:
I have done that but for some reason without results. After changing I iisreset IIS and also rebooted server. I want the timeout session being part of the login session, if possible.
0
 
Scott Fell, EE MVEDeveloperCommented:
The login session and idle time out are not the same.   You can set your session.timeout to 180 minutes if you want.  But, if the user is sitting and staring at their screen for more than 5 minutes, they will experience  a timeout.  

Another reason they could be prematurely timing out is if the app pool gets reset.   If you want somebody to be logged in for a long period of time, a cookie might be a good choice.  Otherwise, I found the idle timeout to be the weak link no matter what you have your session timeout set for in your code.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
Big MontySenior Web Developer / CEO of ExchangeTree.org Commented:
if you are talking about if a user is on the same page for xxx amount of minutes and you want to redirect the user to another page after xxx amount of minutes has passed, then you'll need to set a timer in javascript, and when the time expires, do the appropriate action.

I use the following code to pop up a window that tells the user their login session has expired and gives them the choice to re-login. If they do, all of their session data is re-populated and they can go back to the page they were on without any issues.

window.setTimeout("timedout = true; window.open('/logout/timedout.htm','timedout','menubar=no,scrollbars=no,resizable=no,location=no,height=365,width=380')",300);

you'll notice the last parameter, in this case "300", is the time in seconds you want to set the timer for. So 60 x 5 minutes is 300 seconds.
0
 
hanskoensAuthor Commented:
Is there a way to close the popup window after 60 seconds automatcally?
0
 
Big MontySenior Web Developer / CEO of ExchangeTree.org Commented:
please open a new question with a reference to link to this question
0
 
Scott Fell, EE MVEDeveloperCommented:
Yea, it is just in the javascript for the pop up.
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now