This is an example of detecting a session timeout and redirecting to an ASP.NET login page; a session timeout occurs when the user does not work for the time specified in the web.config file.
To do this, I set the timeout value in web.config to 1 minute.
1st method
In the web.config file, set sessionstate mode for inproc mode and authentication for forms
<system.web> <compilation debug="true"/> <authentication mode="Forms"/> <sessionState mode="InProc" cookieless="false" timeout="1"></sessionState> </system.web>
In this example, I created three pages: one is the login page, when the session expires, I am redirected to this page, one is the navigation page where I will check if the session is valid or not, if it is valid, the user will see this page to others because it is redirected to the login page.
Add the Global.asax class file to the root of your application or website. This method only works if Global.asax present in the application.
Write the code below in the Page_Init event of the page where we want to check the session timeout.
we can also put this code in a class and inherit all the application pages from this class, acting as the base class for all pages to check the session timeout.
C # CODE
protected void Page_Init(object sender, EventArgs e) { if (Context.Session != null) { if (Session.IsNewSession) { HttpCookie newSessionIdCookie = Request.Cookies["ASP.NET_SessionId"]; if (newSessionIdCookie != null) { string newSessionIdCookieValue = newSessionIdCookie.Value; if (newSessionIdCookieValue != string.Empty) {
Second method.
Code for Default.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title>Untitled Page</title> </head> <body> <form id="form1" runat="server"> <div> <asp:Button ID="btnSessionStart" runat="server" OnClick="btnSessionStart_Click" Text="Start Session" /><br /> <br /> <br /> <asp:Button ID="btnCheck" runat="server" OnClick="btnCheck_Click" Text="Check Session ID" /> <br /> <asp:TextBox ID="txtSession" runat="server" Width="266px"> </asp:TextBox><br /> <br /> <asp:Button ID="btnGO" runat="server" OnClick="btnGO_Click" Text="Go to Other Page" /> <br /> <br /> </div> </form> </body> </html>
And the code for this page is similar to
protected void btnSessionStart_Click(object sender, EventArgs e) { Guid Session_id = Guid.NewGuid(); Session["SessionID"] = Session_id.ToString(); } protected void btnCheck_Click(object sender, EventArgs e) { if (Session["SessionID"] != null) txtSession.Text = Session["SessionID"].ToString(); else txtSession.Text = "Session has expired"; } protected void btnGO_Click(object sender, EventArgs e) { Response.Redirect("Default2.aspx"); }
On the page where we want to verify that the session has a timeout or not, we need to check it in the Page_Init event of the page, if the session is not zero, then the user can go to the page, otherwise wise he will be redirected to the login page.
On this page, I just clicked a button to go to the home page
<html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title>Untitled Page</title> </head> <body> <form id="form1" runat="server"> <div> <asp:Button ID="btnHome" runat="server" OnClick="btnHome_Click" Text="Home" /> </div> </form> </body> </html>
And the code for this page
protected void Page_Init(object sender, EventArgs e) { CheckSession(); } protected void btnHome_Click(object sender, EventArgs e) { Response.Redirect("Default.aspx"); } private void CheckSession() { if (Session["SessionID"] == null) { Response.Redirect("Login.aspx"); } }
If we need to check this on all pages of the application, we can create a BaseClass and write the aforementioned CheckSession code and Page_Init part and drive all ur pages from this class by typing BaseClassName instead of System.Web. UI.Page, and it checks all pages for a session timeout every time a page loads
Source: http://csharpdotnetfreak.blogspot.com/