detect session timeout in popup

[goscottie]

I used submodal as my popup window. With some tweaks, it working
great in my app. However, I can't find a way to detect session
timeout in the popup window. The app is a form based authentication
so the default.aspx page will show up in the popup.

So I'm looking into several options.

1. detect session timeout in javascript so that I prevent the popup
from even happening. I can simply redirect or post to itself so that
the calling page will redirect to login (default) page.
2. detect session timeout in popup (in javascript also) so that it can
self terminate. I can make the calling page redirect to default page
once I detect the timeout.
3. in popup window (aspx page), detect session timeout and self close
or at least display nice message with a link to login again (popup
remains open).

I guess I would rather find a solution in the client side than server
side. Any solution will work for me.

Any help appreciated.

 

[Andy]

Its hard to guess at what you're doing because you aren't saying much
about how your application works and how the credentials were
originally obtained (ie if its forms based, do you have a seperate
login screen? is the login integrated with other screens?, etc)

If this popup is important, I'ld get your system to prompt the user
for credentials when the timeout is detected at the time your popup
tries to access its contents. I'm assuming your popup is showing a
different webpage than the IE window is that called it.

To ensure that a new copy of the popups webpage is always retrieved
from the server (instead of from the browser's cache), I'ld set a
metatag in the popup's page that tells IE to always fetch a new page.
This way you can be sure there's a timeout problem.

I don't know if this helps

 

[goscottie]

Thanks for replying. And let me clarify few things.

It is a Form authenticated site using Membership provider. The
calling page is protected for only authenticated users. A popup will
show up upon a lick on a link to show search criteria, which is in
fact different page in aspx. So if it expires then it can simply
either close or ask to close and relogin. That says that the popup is
not important. I just don't it to display default login page. I
think I mentioned session but after further reading it is a Form
authentication. So I was wrong there.

 

[goscottie]

I wonder if I can intercept FormAuthentication failure event and
redirect to another page instead of login page. Of course, just from
that popup window page.

 

[goscottie]

I got around.

My simply adding

<location path="Content/Popup.html">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>

to web.config, this will not authenticate the popup message thus
bypasses login page display within popup window. As soon as user
returns to the calling page, it times out and redirects to the login
page. This is ok for me, as I stated, because the popup is not
important to be authenticated.