Last post Sep 02, 2007 12:57 PM by utlandsfantomenno1
Aug 31, 2007 02:33 PM|b3rnix|LINK
I'd like to be able to control the session expiration in a web application i'm writing. The idea behind this is that the user has a login key in a database (that key is added/deleted by another external app). Upon session expiration, based on that key's
state, I decide whether the session must be kept alive or just continue its way to expiration.
Bassicaly, I wanted to do so by catching the Session_End event , doing the database check there, and then somehow "canceling" the session expiration.
As far as i know, i have still access to the expirating session from that event handler. Is there any way to "cancel" the expiration or to recover the session somehow?
I'll be glad to provide any further information regarding the subject if needed,
Thanks in advance
Sep 02, 2007 12:57 PM|utlandsfantomenno1|LINK
This is no control to solve your problems, but it's pretty close and really not lot of hassle to make it work. This alternative is a lot smoother if you use Ajax but works without is well.
You need to use a master page and sliding session expiration, or at least it's a lot easier that way. Of course you could jam a timer control in every page, but master pages are pretty nice for this and for other stuff as well. Well, in my master I page
Where the Interval (remember it's ms and not seconds) should be your session timeout minus at least 10 seconds. I prefer to go with 30 seconds to one minute before session expiration,
depening on what I want to do when session is closing expiration. The 10 seconds is just because your session sometimes expires before the expiration you've set, but
usually not ore than 10 seconds earlier. Do a little testing on this. Ok, now that I've got the timer control ticking, add a code behind to handle the tick of the timer.
Protected Sub tmCheckStatus_Tick(ByVal sender As Object, ByVal e As System.EventArgs) Handles tmCheckStatus.Tick
If b2bGlobal.isUserOnline = False Then
'This is if you use forms authentication
'but I'd say it works equally fine for 'normal' sessions
'Or you can fire a popup or redirect to a page asking the users
'if they want to stay online
Well, that's how I solve all annoying session timeouts and it's really easy. You can even set the timer interval to be (your session timeout value)/6 or some other number. For each tick you can change a picture or something like that, showing the ammount
of time the user has left before automatic redirection occurs. It's nice for them and a cool feature for oneself, although one should take care not to let this sucker tick to much, as it could eat up server resources.