Tuesday, October 3

Detecting Session Timeout in Asp.Net

Alas post after a while. I wanted to detect session timeouts and redirect the user to the logon page with the appropriate message.
I stumbled upto this code (it works) which helps detect a session timeout in asp.Net.

One needs to follow the common BasePage pattern and inherit all the pages from this common page.
All the common functions can be put in this page.

///
/// This overriden method helps handle Session timeouts.
/// Credit to author.
///
///


   84     /// <summary>

   85     /// This overriden method helps handle Session timeouts.

   86     /// </summary>

   87     /// <param name="e"></param>

   88     override protected void OnInit(EventArgs e)

   89     {

   90         base.OnInit(e);

   91 

   92 

   93         //It appears from testing that the Request and Response both share the 

   94         // same cookie collection.  If I set a cookie myself in the Reponse, it is 

   95         // also immediately visible to the Request collection.  This just means that 

   96         // since the ASP.Net_SessionID is set in the Session HTTPModule (which 

   97         // has already run), thatwe can't use our own code to see if the cookie was 

   98         // actually sent by the agent with the request using the collection. Check if 

   99         // the given page supports session or not (this tested as reliable indicator 

  100         // if EnableSessionState is true), should not care about a page that does 

  101         // not need session

  102         if (Context.Session != null)

  103         {

  104             //Tested and the IsNewSession is more advanced then simply checking if 

  105             // a cookie is present, it does take into account a session timeout, because 

  106             // I tested a timeout and it did show as a new session

  107             if (Session.IsNewSession)

  108             {

  109                 // If it says it is a new session, but an existing cookie exists, then it must 

  110                 // have timed out (can't use the cookie collection because even on first 

  111                 // request it already contains the cookie (request and response

  112                 // seem to share the collection)

  113                 string szCookieHeader = Request.Headers["Cookie"];

  114                 if ((null != szCookieHeader) && (szCookieHeader.IndexOf("ASP.NET_SessionId") >= 0))

  115                 {

  116                     //string url = "~/Default.aspx?x=" + RedirectMessage("Session Timed out.");

  117                     //Response.Redirect(url);

  118                     Session["TimeoutMessage"] = "Your Session timed out";

  119                     Response.Redirect("~/Default.aspx");

  120                 }

  121             }

  122         }

  123     }


This page is powered by Blogger. Isn't yours?

Subscribe to Posts [Atom]