Click here to Skip to main content
14,691,424 members
Please Sign up or sign in to vote.
1.00/5 (2 votes)
See more:
I want to use session timeout in my project.

I saw some example in net, when I click after session time the page does not redirect to login page.
Posted
Updated 11-Jan-11 22:29pm
v2
Comments
Dalek Dave 12-Jan-11 3:29am
   
Edited for Grammar and Readability.

Session already has a default time-out of 20 minutes. You can change it.

Why don't you start by reading some articles/tutorials on the web.

CodeProject itself has a lot of good stuff related to ASP.NET Session.

Okay, 'Let Me Google That For You'[^].
   
Comments
justinonday 12-Jan-11 2:00am
   
good job
Dalek Dave 12-Jan-11 3:29am
   
Let me 5 point that for you!
Ankur\m/ 12-Jan-11 4:16am
   
Lol, DD. Thanks both of you :)
The timeout attribute at sessionState element in web.config lets you configure the session timeout.

However, if you want to be redirected to the Login page once the session is invalidated (Session is time out), you have to implement the following logic:

1. After login, put the userName (Or any unique value which identify the user) in the session using a key. Say,

Session["USER"] = userName;


2. At Page_Load() method of each page (Or, in the base page which is inherited by all other pages), check whether the userName is available in the Session, and, redirect to login page if the userName is not found. Say,
string userName = Session["USER"] as string;
if(string.isNullOrEmpty(userName))
{
    Response.Redirect("Login.aspx");
}


However, if you use Forms Authentication, you just need to make sure that, the timeout value of the sessionState element and timeout value of forms element is same. The Forms Authentication system will automatically redirect you to the login page (Assuming that, Forms Authentication is correctly configured in web.config)

See http://support.microsoft.com/kb/301240[^] to learn how to configure Forms Authentication in your Asp.net application.
   
v4
Comments
Ankur\m/ 12-Jan-11 2:28am
   
Your answer doesn't deserve to be there at last in the list. 5'ved! ;)

BTW, I feel OP has no or very little knowledge about Session Object. So I suggested him to go through some articles/tutorials. Fundamentals will prevent him from coming here for such questions again, right?! :)
Dalek Dave 12-Jan-11 3:30am
   
Very Good!
Just putting session timeout will not redirect you. In the master page, or where-ever you are staying after logging in, you will need to check on every "pageload" that whether session exists or has timed out. In case if it has timeout (i.e, expired), then you need to redirect the control to login page.

Something like this :

protected void Page_Load(object sender, EventArgs e)
       {
          if(Session["Session_name"]==null)
           Response.Redirect("Login.aspx");
       }




Enjoy !!
   
v2
Comments
Dalek Dave 12-Jan-11 3:30am
   
Good Answer.
@nuraGGupta@ 12-Jan-11 6:53am
   
Thank you :-).
   
Comments
Dalek Dave 12-Jan-11 3:30am
   
Good Link.
Kasson 12-Jan-11 3:56am
   
Thanks Dalek

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900