Click here to Skip to main content
15,914,413 members
Search within:


Redirect to login page when the Session is Expired.
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
C#
ASP.NET
Creating Session in login page.

MIDL
Session["Id"] = txtid.Text;
                 Session["User_type"] = ddlutype.Text;  //drop down of User type
                 Session["Password"] = txtpassword.Text;

On Button SignOut

Option 1:

Session.clear();
if (!IsPostBack)
    {
           if (Session["Id"] == null)
          {
              Response.Redirect("login.aspx");
          }
    }


Option 2:
MIDL
Session.Clear();
Session.Abandon();
Response.Redirect("login.aspx");


Either of them is Not Working...
Help !!!!!!!
Posted
Updated 20-Jun-11 21:53pm
v6
Add a Solution
Comments
Uday P.Singh 21-Jun-11 3:46am    
are you getting any error message?
lovejeet0707 21-Jun-11 3:52am    
No Error Message.........
Just Session is not Expiring......

5 solutions

Have a look at Sandeeps' article which describes the browser issue

Browser back button issue after logout[^]

As Christian has said, you need to set the pages you don't want the user to be able to navigate to after the session has expired to not be cacheable

Imagine the scenario - you're on a page that requires a session. You go to lunch and the session expires. When you come back, the page is still visible but when you try to do anything you will be directed to the authentication page with a 'return URL' that is the page you were redirected from. You authenticate again, acquire a new session and are redirected to the 'return URL'

If you tried to click back in this scenario, by marking pages as not cacheable you would still be directed to the authentication page. Again, as Christian has said - code will only run when you instruct it to by having the page make an HTTP request (e.g. a postback). You could have fancy javascript running that polls for a valid session and redirects you when it can't find one, but I don't see the point in this. The above scenario is 'expected behaviour' for me
 
Share this answer
 
Posted
Updated 21-Jun-11 1:35am
v2
Comments
Uday P.Singh 21-Jun-11 8:41am    
good one my 5!!
BobJanova 21-Jun-11 9:09am    
A 5.
This will surely work

use 
Session.Abandon();

to expire the session

and

Wite your redirection code in global.asax.cs.
somethink like :

protected void Session_End(Object sender, EventArgs e) { Response.Redirect("redirect.aspx"); }


hope this helps :)
 
Share this answer
 
Posted
Comments
Christian Graus 21-Jun-11 4:07am    
Why add another useless suggestion, instead of editing the last one ? He wants to catch when the session expires on it's own, not log the user out.
Uday P.Singh 21-Jun-11 4:21am    
But he has mention something called On Button SignOut what is that?
lovejeet0707 21-Jun-11 4:29am    
Christian can u help me ...........
plzzzz......
lovejeet0707 21-Jun-11 4:29am    
I want when person sign out he should not return to previous screen just by pressing "Back" or typing its "url address".......
lovejeet0707 21-Jun-11 4:26am    
Christian what do uou Say ??????
What does 'not working' mean ? Your redirect won't magically happen, because your code does not run until you ask it to. Your best bet there, is a js timer that runs when you know your session would time out, but you'd want to back that up with back end code, you have no way to synch it exactly. Your code is really poor, you should never use session keys in a free form manner, what if you typed Id on one end and ID on the other ? Use a static class to define these strings, so they are strongly typed.
 
Share this answer
 
Posted
Comments
lovejeet0707 21-Jun-11 3:49am    
No Session is just not Clearing.
It is Not Expiring........
Christian Graus 21-Jun-11 3:56am    
Well, you should load your page, go to lunch, then test it. If you've not waited long enough for it to expire, then it won't expire. And, if it has not expired, then there's no need for this code, right ?
#realJSOP 21-Jun-11 8:10am    
Or he could set the timeout for a ridiculously short period of time, like 30 seconds. :)
I think you need to first expire the session i.e

try this On Button SignOut:

Session["Id"] == null;

if (!IsPostBack)
    {
           if (Session["Id"] == null)
          {
              Response.Redirect("login.aspx");
          }
    }



hope this helps :)
 
Share this answer
 
Posted
Comments
Christian Graus 21-Jun-11 3:55am    
Um... that's totally stupid. If he sets it to null, then it's always null, therefore, he's just throwing away the session, and his if statement is not needed.
Uday P.Singh 21-Jun-11 4:00am    
it will be set null only if Button SignOut is clicked
Christian Graus 21-Jun-11 4:07am    
But that is not what he wants. He wants the user to be redirected if the session expires by itself.
Uday P.Singh 21-Jun-11 5:32am    
But OP has mention something called On Button SignOut what is that?
Use just this code:

           if (Session["Id"] == "")
          {
              Response.Redirect("login.aspx");
}
 
Share this answer
 
Posted
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Redirect the user to login page after a period of inactivity or when the session expires.
Expired Session and redirect to login page before javascript confirmation called
Session expire
Page redirection on session expire
redirect web service to login page when session expires asp net
Auto redirect to the session expires page
Modal popup shows login page when session's expires
redirect to login page after session timeout
session is expiring too quickly and showing null pages with out redirecting to login page
How to redirect user to specific page as Session Expire or abandon

Advertise
Privacy
Cookies
Terms of Use
Last Updated 21 Jun 2011
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web01 2.8:2024-05-30:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900