how to time out the web asp.net application when not in use for 15 minutes

[enahar]

Hi,

How to timing out the asp.net web application when not in use for 15 minutes
although I am using the code in web.config file as below:

<authentication mode="Forms">
<forms loginUrl="Security/Login.aspx" protection="All" timeout="20" path="/"
/>

</authentication>





Thanks

 

[PL]

20 is not 15

You also need to disable slidingExpiration by setting it to false
and you need to make sure you dont set the cookie as persistant
in your forms login.

Assuming you have the .NET Framwework SDK with docs installed try this link:
ms-help://MS.NETFrameworkSDKv1.1/cpgenref/html/gngrfforms.htm

PL.

 

[Ekta Agarwal]

Hi

If I use the sliding Expiration in the code(web.config) as follows:

<authentication mode="Forms" >

<forms loginUrl="Security/Login.aspx" protection="All" slidingExpiration
="true" timeout="15" path="/" />

</authentication>



I am getting the following error message:


Parser Error Message: Unrecognized attribute 'slidingExpiration'.

Source Error:

Line 31: -->
Line 32: <authentication mode="Forms" >
Line 33: <forms loginUrl="Security/Login.aspx" protection="All"
slidingExpiration ="true" timeout="15" path="/" />
Line 34: </authentication>
Line 35:




How and where do I use the SlidingExpiration attribute.

Thanks

 

[PL]

Please have a look at this page:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpgenref/html/gngrfforms.asp

PL.

 

[Ekta Agarwal]

Hi,

I am still getting the same error message after looking into the URL you
have sent..

Regards,



Server Error in '/PITSHWebUI' Application.
------------------------------------------------------------------------
--------

Configuration Error
Description: An error occurred during the processing of a configuration
file required to service this request. Please review the specific error
details below and modify your configuration file appropriately.

Parser Error Message: Unrecognized attribute 'slidingExpiration'.

Source Error:


Line 32: <authentication mode="Forms" >
Line 33: <!--<forms loginUrl="Security/Login.aspx" protection="All"
slidingExpiration="false" timeout="15" path="/" />-->
Line 34: <forms name="name" loginUrl="Security/Login.aspx"
protection="All" timeout="15" path="/" slidingExpiration="true">
Line 35: </forms>
Line 36:


Source File: c:\inetpub\wwwroot\PITSHWebUI\web.config Line: 34

 

[PL]

I cannot see anything wrong in your code below but obviously you must have an error in spelling or casing or
something like that.

PL.

 

[Ekta Agarwal]

Hi,

I have checked the spelling, casing .
Still I can't use the slidingExpiration attribute in the Forms tag .I am
getting the same error message
'' Unrecognized attribute 'slidingExpiration' ''
Can anybody help me why?

Thanks

 

[PL]

Try installing ASP.NET 1.1, you are probably running 1.0 ?

Downlaod from:
http://www.asp.net/download-1.1.aspx?tabindex=0&tabid=1

Of ocurse, if you dont have control over the server this poses a problem.

PL.

 

[Ekta Agarwal]

Hi,

Is there any other way to timing out the asp.net web application when
not in use for 15 minutes without installing asp.net 1.1

Thanks

 

[enahar]

Actually when session is timeout (20 minutes) it goes to session_end event
in glaobal.asax.cs but i don't know how to transfer from this point to login
page
Can anyone help me !

Regards

 

[Brock Allen]

Session_End fires outside of a Request into your system. So since there's
no request, there's no where to transfer to. When you should do is check
upon the next request to see if your Session data is gone, and if so take
the appropriate actions.

Now, since you've mentioned a login page, why are you using Session state
to track to see if the user's logged in? You should be using Forms authentication,
as this does all the necessary work to redirect the user to a login page
if they're not currently logged in.

 

[enahar]

Actually what i want to convey is
when the session is time out asp.net application goes to session_end event
(the code is shown below)after rumnning the event it stays in the same page
..I want to transfer to sessionTimeOut.aspx page .But beacause Session_End
fires outside of a Request into your system I can't use Response.Redirect.

How do I redirect now?

Regards




protected void Session_End(Object sender, EventArgs e)

{

if (Session["SessionID"] != null)

{

try

{

string LogoutURL="../Public/SessionTimeOut.aspx";

ESMSecurityModule.killSession(Session["SessionID"].ToString());

Session.Clear();

Session.Abandon();


Response.Redirect(LogoutURL);

}

catch

{

}

}

}





How to timing out the asp.net web application when not in use for 15

 

[Brock Allen]

As I suggested before you either need to add a check to every page to do
the redirect or you should be using Forms Authentication to to track the
user. I really think you'll have an easier time adopting Forms authentication.
Here's an article that should get you started:

http://msdn.microsoft.com/library/d...-us/vsent7/html/vxconASPNETAuthentication.asp

Actually what i want to convey is
when the session is time out asp.net application goes to session_end
event
(the code is shown below)after rumnning the event it stays in the
same page
.I want to transfer to sessionTimeOut.aspx page .But beacause
Session_End
fires outside of a Request into your system I can't use
Response.Redirect.
How do I redirect now?

Regards

protected void Session_End(Object sender, EventArgs e)

{

if (Session["SessionID"] != null)

{

try

{

string LogoutURL="../Public/SessionTimeOut.aspx";

ESMSecurityModule.killSession(Session["SessionID"].ToString());

Session.Clear();

Session.Abandon();

Response.Redirect(LogoutURL);

}

catch

{

}

}

}

How to timing out the asp.net web application when not in use for 15

Session_End fires outside of a Request into your system. So since
there's no request, there's no where to transfer to. When you should
do is check upon the next request to see if your Session data is
gone, and if so take the appropriate actions.

Now, since you've mentioned a login page, why are you using Session
state to track to see if the user's logged in? You should be using
Forms authentication, as this does all the necessary work to redirect
the user to a login page if they're not currently logged in.

 

[Pril]

Try:
HttpContext.Current.Request.Response.Redirect

lp, pl

Actually what i want to convey is
when the session is time out asp.net application goes to session_end event
(the code is shown below)after rumnning the event it stays in the same page
.I want to transfer to sessionTimeOut.aspx page .But beacause Session_End
fires outside of a Request into your system I can't use Response.Redirect.

How do I redirect now?

Regards




protected void Session_End(Object sender, EventArgs e)

{

if (Session["SessionID"] != null)

{

try

{

string LogoutURL="../Public/SessionTimeOut.aspx";

ESMSecurityModule.killSession(Session["SessionID"].ToString());

Session.Clear();

Session.Abandon();


Response.Redirect(LogoutURL);

}

catch

{

}

}

}





How to timing out the asp.net web application when not in use for 15

Session_End fires outside of a Request into your system. So since there's
no request, there's no where to transfer to. When you should do is check
upon the next request to see if your Session data is gone, and if so take
the appropriate actions.

Now, since you've mentioned a login page, why are you using Session state
to track to see if the user's logged in? You should be using Forms
authentication, as this does all the necessary work to redirect the user
to a login page if they're not currently logged in.