Click here to Skip to main content
15,845,598 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
C#
<pre>​


My web.config

 <system.web>
   
	  <authentication mode="Forms">
		  <forms loginUrl="Login.aspx" ></forms>
	  </authentication>
	  <sessionState  timeout="1" ></sessionState>

  </system.web>


Global.asax

protected void Session_Start(object sender,EventArgs e)
        {
            Session["LastActivityTime"] = DateTime.Now;
        }
        protected void Session_End(object sender,EventArgs e)
        {
            DateTime lastActivityTime = (DateTime)Session["LastActivityTime"];
            if (DateTime.Now - lastActivityTime > TimeSpan.FromMinutes(1))
            {
                if (HttpContext.Current != null)
                {
                    FormsAuthentication.SignOut();
                    Response.Redirect("Login.aspx");
                }
            }
        }

My Login.aspx.cs
 

    public partial class Login : System.Web.UI.Page
    {
        ExceptionManager oExceptionManager = new ExceptionManager();
        MyProjectBLL oProjectBll = new MyProjectBLL();
        
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Session["LastActivityTime"] != null)
            {
                Session["LastActivityTime"] = DateTime.Now;
            }
        }

        protected void btnSubmit_Click(object sender, EventArgs e)
        {
            DataTable dt = new DataTable();          
            try
            {
                dt = oProjectBll.GetCredentials();
                if (dt.Rows.Count > 0)
                {
                    foreach (DataRow dataRow in dt.Rows)
                    {
                        string storedUsername = dataRow["USERNAME"].ToString();
                        string storedPassword = dataRow["PASSWORD"].ToString();
                        if (storedUsername == txtName.Text && storedPassword == txtPwd.Text)
                        {                           
                            Response.Redirect("~/CommonControls/MasterPageWebForm.aspx");
                        }
                    }
                }
            }
            catch(Exception ex)
            {
                oExceptionManager.LogError(ex.Message, "Inside btnSubmit_Click function from Login.aspx.cs");
            }
        }
    }



​


What I have tried:

i was trying to do automatic logout for my web application if the user is idle or not visiting the page it will automatically redirect to login page what i have tried is above code 

im getting Object reference not set to an instance of an object at   FormsAuthentication.SignOut(); pls help me to solve it
Posted
Updated 9-Oct-23 20:54pm
v2

1 solution

The Session_End event[^] fires when the session times out; in this case, that will be one minute after the user last made a request.

There will not be a current HttpContext, there will not be a Response to Redirect, and there will not be a current user to SignOut.

If you're getting to the FormsAuthentication.SignOut call, that suggests you're not testing the HttpContext.Current property as shown in your question.

But I suspect you're actually getting the error from a different line - the Session property looks suspicious to me. But since you haven't shown how you've declared or set it, that's just a guess.

Since the event fires when the session ends, there's absolutely no purpose in checking when the user last made a request; you already know it's at least one minute in the past.

And since you only set the LastActivityTime when the session starts, rather than when the user makes a request, your check wouldn't make sense anyway.

It seems you need to look at using sliding expiration[^] for your forms authentication. That way, the authentication ticket will expire if the user doesn't make a request at least once per minute.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900