AH, Ah, ah, ah…Staying Alive…Staying Alive

Sometimes you want your web page to 'stay alive'. That is, if a user is filling out a complicated form, you do not want the session to time out before they are finished. The user could get very angry and rightfully so: You might even get yelled at!

It's not simply a matter of increasing the session timeout to a very large value. If you do that, the sessions would be left active in the server memory for hours—long after the visitors have left the site. Increasing the session timeout IS a solution… but not necessarily a good solution.

The goal is that the session should stay active as long as the web page is open on the client machine… even if there are no post backs to reset the session timer. When the web page is closed, the session should time out normally.

I implemented a solution for this: The client will "ping" the server at intervals of less than the session timeout which will reset the session timer. This is known as the Heartbeat design pattern (I couldn't find a decent site/page to link to).

Miscellaneous Setup Stuff

For testing purposes, I set the Session Timeout to two minutes in web.config:

<system.web>
  <sessionState timeout="2">
  </sessionState>
 </system.web>

To trace what is happening, I used a utility function called ODS (it's in a class called MiscUtilities):

// ---- ODS (Output Debug String) ----------------------
public static void ODS(string Msg)
{
    String Out = String.Format("{0}  {1}", DateTime.Now.ToString("hh:mm:ss.ff"), Msg);
    System.Diagnostics.Debug.WriteLine(Out);
}

To watch the Session State events, I added debugging strings to the global.asax file:

<%@ Application Language="C#" %>
<script RunAt="server">
      
    void Application_Start(object sender, EventArgs e)
    {
        MiscUtilities.ODS("****ApplicationStart");
    }
    void Session_Start(object sender, EventArgs e)
    {
        MiscUtilities.ODS("Session_Start");
    }
    void Session_End(object sender, EventArgs e)
    {
        MiscUtilities.ODS("Session_End");
    }

Here are the details: We need a method at the server for the client to call. We use a WebMethod.

There must be a ScriptManager on the page.
The ScriptManager must have EnablePageMethods set to true.
The WebMethod must be public and static.
The WebMethod must have the EnableSession attribute set to true.

<asp:ScriptManager ID="ScriptManager1" runat="server" 
    EnablePageMethods="true">
</asp:ScriptManager>

public partial class _Default : System.Web.UI.Page
{
    [WebMethod(EnableSession=true ) ]
    public static void PokePage()
    {
        // called by client to refresh session
        MiscUtilities.ODS("Server: I am poked");       
    }

We need JavaScript at the client to call the server function at fixed intervals:

<script type="text/javascript">
 
    var HeartBeatTimer;
 
    function StartHeartBeat()
    {
        // pulse every 10 seconds
        if (HeartBeatTimer == null)
            HeartBeatTimer = setInterval("HeartBeat()", 1000 * 10);
    }
 
    function HeartBeat()
    {
        // note: ScriptManger must have: EnablePageMethods="true"
        Sys.Debug.trace("Client: Poke Server");
        PageMethods.PokePage();
    }

<body id="MyBody"  onload="StartHeartBeat();">

Here is what the output looks like without the heartbeat:

10:22:43.03 ****ApplicationStart 
10:22:45.13 Session_Start 
10:25:00.00 Session_End

Here is the output with the heartbeat:

 
10:26:06.10  ****ApplicationStart
10:26:08.05  Session_Start
Client: Poke Server
10:26:18.93  Server: I am poked
Client: Poke Server
10:26:28.95  Server: I am poked
Client: Poke Server
10:26:38.96  Server: I am poked
Client: Poke Server
10:26:48.98  Server: I am poked

    . . . (lines deleted)

Client: Poke Server
10:29:59.45  Server: I am poked
Client: Poke Server
10:30:09.47  Server: I am poked
Client: Poke Server
10:30:19.48  Server: I am poked

    . . . (lines deleted)

It looks like the session is staying alive while the client is idle: Excellent!

I hope someone finds this useful.

Steve Wellens

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Steve Wellens

EndWell Software, Inc.

United States

Member

I am an independent contractor/consultant working in the Twin Cities area in Minnesota. I work in .Net, Asp.Net, C#, C++, XML, SQL, Windows Forms, HTML, CSS, etc., etc., etc.

Article Top

Poor

Excellent

Add a reason or comment to your vote: x
Votes of 3 or less require a comment

Comments and Discussions

You must Sign In to use this message board. (secure sign-in)

Search this forum
	Profile popups Noise Layout Per page

Comparing your work to other implementations

Omar Gamil

5:00 18 Jun '11

...like this one[^] Kudos for the tackling the problem in a different way, can you please explain: how did you generate this trace file aspx.page: Begin PreInit aspx.page: End PreInit aspx.page: Begin Init etc... Steve Wellens wrote: The technique in my post does not cause a full page cycle. how's that ?
Sign In·View Thread·Permalink

Re: Comparing your work to other implementations

Steve Wellens

5:34 18 Jun '11

>> how did you generate this trace file `<%@ Page Language="C#" Trace="true"` The trace is at the end of the web browser. >> how's that ? I'm not sure how to answer that. It doesn't cause a full page cycle because it just doesn't. Steve Wellens
Sign In·View Thread·Permalink

Re: Comparing your work to other implementations

Omar Gamil

5:37 18 Jun '11

Fair enough have 5
Sign In·View Thread·Permalink

My vote of 5

Keith Barrow

13:22 29 May '11

Counteracting Doofus univote
Sign In·View Thread·Permalink

My vote of 1

Jason Ti

0:06 15 Dec '10

useless
Sign In·View Thread·Permalink	1.00/5 (10 votes)

Sending ajax request is not a good solution

Jason Ti

0:04 15 Dec '10

Its to complicate way, you can easy use classic solution since .net 1.1 with <iframe /> and tag MetaRefresh, this is easy and tooks 2 lines of code. Your solution is huge and useless.
Sign In·View Thread·Permalink	1.42/5 (6 votes)

Re: Sending ajax request is not a good solution

Steve Wellens

3:46 15 Dec '10

I believe you are mistaken. Meta refresh causes a full page post back. The technique I described does not. However, thank you for reading the article carefully and posting your extremely valuable and inciteful input. Steve Wellens
Sign In·View Thread·Permalink

Re: Sending ajax request is not a good solution

Jason Ti

23:18 20 Dec '10

Just put a iframe element pointing for example for Ticket.aspx, set display: none attribute for this frame,set meta refresh for Ticket.aspx, and put this iframe on page. I am not mistaken i used it in my project and this is working perfect.
Sign In·View Thread·Permalink	1.00/5 (1 vote)

Re: Sending ajax request is not a good solution

Steve Wellens

4:42 21 Dec '10

Meta refresh causes a full page post back. The technique I described does not. So which solution you choose, depends on your requirements. They are NOT equivalent solutions. Steve Wellens
Sign In·View Thread·Permalink	4.60/5 (4 votes)

Re: Sending ajax request is not a good solution

Jason Ti

3:06 5 Jan '11

Metarefresh is inside iframe, NOT ON PAGE dude, it will NOT cause a full page refresh. let me know if this still unclear for you.
Sign In·View Thread·Permalink	1.00/5 (2 votes)

Re: Sending ajax request is not a good solution [modified]

Steve Wellens

4:14 5 Jan '11

Your are absolutely right.
Putting a meta-refresh on an iframe will not cause the hosting page to do a refresh.
It will stop the session from timing out.

However, it will also generate these events at the server:

aspx.page: Begin PreInit
aspx.page: End PreInit
aspx.page: Begin Init
aspx.page: End Init
aspx.page: Begin InitComplete
aspx.page: End InitComplete
aspx.page: Begin PreLoad
aspx.page: End PreLoad
aspx.page: Begin Load
08:06:01.11 ImageDisplay: Page_Load (my trace statement inside of iframed page)
aspx.page: End Load
aspx.page: Begin LoadComplete
aspx.page: End LoadComplete
aspx.page: Begin PreRender
aspx.page: End PreRender
aspx.page: Begin PreRenderComplete
aspx.page: End PreRenderComplete
aspx.page: Begin SaveState
aspx.page: End SaveState
aspx.page: Begin SaveStateComplete
aspx.page: End SaveStateComplete
aspx.page: Begin Render
aspx.page: End Render

Which may be just fine. But, as anyone can plainly see, the two techniques are not exactly equivalent.

Steve Wellens

modified on Wednesday, January 5, 2011 12:21 PM

Re: Sending ajax request is not a good solution

Jason Ti

3:16 7 Jan '11

Well, ajax request also cause a full page life cycle, good to know u understood my solution.
Sign In·View Thread·Permalink	1.00/5 (1 vote)

Re: Sending ajax request is not a good solution

Steve Wellens

4:09 7 Jan '11

Jason Ti wrote: ajax request also cause a full page life cycle The technique in my post does not cause a full page cycle. Steve Wellens
Sign In·View Thread·Permalink	5.00/5 (1 vote)

Good stuff

xoulrage

21:42 7 Dec '09

Wow really nice and short but work wonders. and i lol at the title
Sign In·View Thread·Permalink

Thanks

Pak514

12:56 27 Nov '09

I'm using this technique in a production environment and it works well.
Sign In·View Thread·Permalink

Authenication

Mr President

8:46 11 Aug '09

Every time the page was poked, an authenication popup (user id, password) was displayed.

I added an authenication web service to avoid the popup.

<code>asp:ScriptManager ID="AjaxScriptManager" EnablePartialRendering="true"
            EnablePageMethods="true" runat="server">
</asp:ScriptManager>
<asp:ScriptManagerProxy ID="AjaxScriptManagerProxy" runat="server">
   <b><AuthenticationService Path="~/App_Code/AuthenicationService.vb" /></b>
</asp:ScriptManagerProxy></code>

<b>AuthenicationService:</b>

<code>Imports System.Web
Imports System.Web.Services
Imports System.Web.Services.Protocols

' To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line.
<System.Web.Script.Services.ScriptService()> _
<WebService(Namespace:="http://tempuri.org/")> _
<WebServiceBinding(ConformsTo:=WsiProfiles.BasicProfile1_1)> _
<Global.Microsoft.VisualBasic.CompilerServices.DesignerGenerated()> _
Public Class AuthenicationService
Inherits System.Web.Services.WebService

<WebMethod()> _
Public Function LogIn(ByVal Username As String, ByVal Password As String, ByVal CreatePersistentCookie As Boolean) As Boolean
   Return True
End Function

<WebMethod()> _
Public Sub LogOut()
End Sub

End Class</code>

Nice trick...You could also use...

Member 3231699

7:15 5 Aug '09

Good Post Steve, Since your implementation use Script Manager, Why not use asp:Timer control to do this "Pokes" Wink | ;-)

This will eliminate the Javascript, Pagemethod, etc. Just drop a timer control into an update panel, acess some session variable in timer_tick server event...Set the timer intervel to a sensible value...

And if you want the entire site, not just some pages to retain session , you could put this script manager and timer to your master page. Will get you the same result. (This is bad practice...bad bad..very bad...do not do it...)

Cheers!
Binu Thayamkery

Source code

dazology

5:54 5 Aug '09

Could you please provide the source code for this? seems nice!
Sign In·View Thread·Permalink	1.50/5 (2 votes)

Re: Source code

Steve Wellens

6:48 5 Aug '09

The source is provided in the article. The code can be 'plugged in' to existing pages. Steve Wellens
Sign In·View Thread·Permalink

Simply Superb

janeshh

0:25 4 Aug '09

Looking for similar kind of a functionality for weeks.. got it exactly @ the same time.. Thank You
Sign In·View Thread·Permalink	1.00/5 (1 vote)

Re: Simply Superb

dazology

5:53 5 Aug '09

I wonder why he did not live the source code for download
Sign In·View Thread·Permalink

Full source Please !! [modified]

tolpromobil

23:57 3 Aug '09

Hi
I read this, And it Look nice.
My client says "Pagemethods" not defined !!
Will you please post a working example Please.
Regards
tol

Well I find solution:
The problem is athat I use Master page.
Follow this link to see how to solv it !!
http://weblogs.asp.net/yonggangmeng/archive/2008/11/13/how-to-invoke-pagemethods-in-masterpage.aspx[^]

Thanks.

modified on Tuesday, August 4, 2009 8:19 AM

Terrific! Thank You! Thank You! Thank You!

Ron Kunce

7:15 3 Aug '09

I have been looking for an answer to this problem for months now and had posted to a number of forums trying to find a solution. As I have already found out that setting a high session time out is not a good solution, I really have needed this for a number of long running sessions. What I am surprised about is that this was posted early in June and I hadn't seen it or was provided a link to it until now!

How about this!

azamsharp

2:42 3 Aug '09

How about that you call the ping method or poke method only 2 seconds before the actual session timeout. This way you will not be making unnecessary calls. Mohammad Azam azamsharp@gmail.com www.highoncoding.com Houston, TEXAS
Sign In·View Thread·Permalink

Re: How about this!

Steve Wellens

4:24 3 Aug '09

Two seconds might work but...it is likely there is a thread that runs every 20 seconds or so, that looks for expired sessions to free. You need to have a safety margin built in. Why do I say 20 seconds? Because that is the timing used to look for expired cached objects as I discovered here: http://www.codeproject.com/Articles/34718/Rock-the-Cache-Bar-Rock-the-Cache-Bar.aspx[^] Steve Wellens
Sign In·View Thread·Permalink