A little help with managing session timeouts

S

Simon Harvey

Hi everyone,

If anyone can help me with the following I would be very greatful.

In order to determine when a session has timed out I have some code in each
page that does something like:

loadSessionData(); // Populates a variable called sessionState

if(sessionState.currentUser != null){
// Carry on
}

else{
Response.Redirect("/misc_pages/sessionExpired.aspx");
}

My problem is I often have to send out links in emails that jump right into
the secure section of the site. If a session isnt detected it should quietly
take the user to the login page and then once the user enters their details,
redirect them to the secure page they were trying to get to before. This all
sounds fine in theory but the problem is that the code above just identifies
the fact that there isn't any session information and assumes that the
situation is a session timeout - which it isnt.

So I guess my question is:

How can I easily distinguish between occasions when a user's session has
timed out and occasions when the user has just tried to jump into a secure
area of the site without logging in?

If anyone can help me I would be very greatful.

Thanks in advance everyone

Kindest Regards

Simon
 
G

Girish Bharadwaj

Look into FormsAuthentication. It should allow you to do most of what you
would like to do.
 
S

Simon Harvey

Hi Guys,

Thanks for your help. I'm currently using forms authentication at the
moment. I can't find much information about session handling in the
documentation though.

I'll go have a look at isSessionNew just now. I'm not sure its what I need
but maybe.

Thanks for your help

Simon
 
S

Simon Harvey

Hi Brad,

I think I see where you're going with the IsNewSession property. I just want
to check something with you if thats ok.

Is the reason this works because when a user follows a link to a secure area
of the site from an email, the IsNewSession property will always be true
because it will have been made as soon as the user followed the link. A time
out won't occur like this because the IsNewSession will be false?

That seems to make sense to me. I'll try it later on today.

Thanks again for your help

Simon
 
S

Simon Harvey

Hi Brad,

I think I see where you're going with the IsNewSession property. I just want
to check something with you if thats ok.

Is the reason this works because when a user follows a link to a secure area
of the site from an email, the IsNewSession property will always be true
because it will have been made as soon as the user followed the link. A time
out won't occur like this because the IsNewSession will be false?

That seems to make sense to me. I'll try it later on today.

Thanks again for your help

Simon
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Different session timeouts between ASP and ASP.Net 0
Help with datascraping script 1
Managing Session 1
ASP.Net timeouts 3
Session timeouts and dynamic MasterPages 4
Help me, going live with a quiz 0
Help With a Script 5

Members online

No members online now.
Total: 64 (members: 0, guests: 64)
Robots: 163

Forum statistics

Threads
473,995
Messages
2,570,236
Members
46,821
Latest member
AleidaSchi

Latest Threads

Top