Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > A little help with managing session timeouts

Reply
Thread Tools

A little help with managing session timeouts

 
 
Simon Harvey
Guest
Posts: n/a
 
      10-18-2004
Hi everyone,

If anyone can help me with the following I would be very greatful.

In order to determine when a session has timed out I have some code in each
page that does something like:

loadSessionData(); // Populates a variable called sessionState

if(sessionState.currentUser != null){
// Carry on
}

else{
Response.Redirect("/misc_pages/sessionExpired.aspx");
}

My problem is I often have to send out links in emails that jump right into
the secure section of the site. If a session isnt detected it should quietly
take the user to the login page and then once the user enters their details,
redirect them to the secure page they were trying to get to before. This all
sounds fine in theory but the problem is that the code above just identifies
the fact that there isn't any session information and assumes that the
situation is a session timeout - which it isnt.

So I guess my question is:

How can I easily distinguish between occasions when a user's session has
timed out and occasions when the user has just tried to jump into a secure
area of the site without logging in?

If anyone can help me I would be very greatful.

Thanks in advance everyone

Kindest Regards

Simon


 
Reply With Quote
 
 
 
 
=?Utf-8?B?QnJhZCBSb2JlcnRz?=
Guest
Posts: n/a
 
      10-18-2004
Check out "Session.IsMewSession" in the .NET docs. It sounds like what you
want.

"Simon Harvey" wrote:

> Hi everyone,
>
> If anyone can help me with the following I would be very greatful.
>
> In order to determine when a session has timed out I have some code in each
> page that does something like:
>
> loadSessionData(); // Populates a variable called sessionState
>
> if(sessionState.currentUser != null){
> // Carry on
> }
>
> else{
> Response.Redirect("/misc_pages/sessionExpired.aspx");
> }
>
> My problem is I often have to send out links in emails that jump right into
> the secure section of the site. If a session isnt detected it should quietly
> take the user to the login page and then once the user enters their details,
> redirect them to the secure page they were trying to get to before. This all
> sounds fine in theory but the problem is that the code above just identifies
> the fact that there isn't any session information and assumes that the
> situation is a session timeout - which it isnt.
>
> So I guess my question is:
>
> How can I easily distinguish between occasions when a user's session has
> timed out and occasions when the user has just tried to jump into a secure
> area of the site without logging in?
>
> If anyone can help me I would be very greatful.
>
> Thanks in advance everyone
>
> Kindest Regards
>
> Simon
>
>
>

 
Reply With Quote
 
 
 
 
=?Utf-8?B?QnJhZCBSb2JlcnRz?=
Guest
Posts: n/a
 
      10-18-2004
OOPs, typo...Session.IsNewSession...
 
Reply With Quote
 
Girish Bharadwaj
Guest
Posts: n/a
 
      10-18-2004
Look into FormsAuthentication. It should allow you to do most of what you
would like to do.

--
Girish Bharadwaj
http://msmvps.com/gbvb
"Simon Harvey" <sh856531@microsofts_free_email_service.com> wrote in message
news:(E-Mail Removed)...
> Hi everyone,
>
> If anyone can help me with the following I would be very greatful.
>
> In order to determine when a session has timed out I have some code in

each
> page that does something like:
>
> loadSessionData(); // Populates a variable called sessionState
>
> if(sessionState.currentUser != null){
> // Carry on
> }
>
> else{
> Response.Redirect("/misc_pages/sessionExpired.aspx");
> }
>
> My problem is I often have to send out links in emails that jump right

into
> the secure section of the site. If a session isnt detected it should

quietly
> take the user to the login page and then once the user enters their

details,
> redirect them to the secure page they were trying to get to before. This

all
> sounds fine in theory but the problem is that the code above just

identifies
> the fact that there isn't any session information and assumes that the
> situation is a session timeout - which it isnt.
>
> So I guess my question is:
>
> How can I easily distinguish between occasions when a user's session has
> timed out and occasions when the user has just tried to jump into a secure
> area of the site without logging in?
>
> If anyone can help me I would be very greatful.
>
> Thanks in advance everyone
>
> Kindest Regards
>
> Simon
>
>



 
Reply With Quote
 
Simon Harvey
Guest
Posts: n/a
 
      10-19-2004
Hi Guys,

Thanks for your help. I'm currently using forms authentication at the
moment. I can't find much information about session handling in the
documentation though.

I'll go have a look at isSessionNew just now. I'm not sure its what I need
but maybe.

Thanks for your help

Simon


 
Reply With Quote
 
Simon Harvey
Guest
Posts: n/a
 
      10-19-2004
Hi Brad,

I think I see where you're going with the IsNewSession property. I just want
to check something with you if thats ok.

Is the reason this works because when a user follows a link to a secure area
of the site from an email, the IsNewSession property will always be true
because it will have been made as soon as the user followed the link. A time
out won't occur like this because the IsNewSession will be false?

That seems to make sense to me. I'll try it later on today.

Thanks again for your help

Simon


 
Reply With Quote
 
Simon Harvey
Guest
Posts: n/a
 
      10-20-2004
Hi Brad,

I think I see where you're going with the IsNewSession property. I just want
to check something with you if thats ok.

Is the reason this works because when a user follows a link to a secure area
of the site from an email, the IsNewSession property will always be true
because it will have been made as soon as the user followed the link. A time
out won't occur like this because the IsNewSession will be false?

That seems to make sense to me. I'll try it later on today.

Thanks again for your help

Simon


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
1 little 2 little 3 little Kennedys dale Digital Photography 0 03-23-2008 01:03 PM
forms authentication timeouts and session timeouts =?Utf-8?B?SmFzb24=?= ASP .Net 0 06-22-2004 09:24 AM
Session-Timeouts and Idle-Timeouts on AS5300 and AS5800 Matt Cisco 1 02-17-2004 06:59 PM
Setting Session State timeouts Justin Dutoit ASP .Net 1 08-07-2003 01:21 PM
Dealing with Session State timeouts Justin Dutoit ASP .Net 1 08-05-2003 05:16 AM



Advertisments