Skip to main content

How to do auto logout and redirect to login page when session expires using asp.net?

In this article I will explain you how to auto logout and redirect to
 login page when users session expires within specific period.

Introduction


In every applications, we need to maintain the session expiration time 
say for example 1hr or 30 minuets and this configuration item we
 can do with web.config file or in IIS. But here, application should 
redirect to login page automatically when session expires.

Configure session time


First configure the session timeout value in web.config file as like
 below, here I’m configuring the session timeout value as 3 minutes
 for this sample .

<system.web>



<sessionState mode="InProc" timeout="3"></sessionState>



</system.web>

 

Create Pagebase class


create a custom pagebase class and write the common functionality codes into this class. Through this class, we can share the common functions to other web pages. In this class we need inherit the System.Web.UI.Page class. Place the below code into Pagebase class.e

public class PageBase : System.Web.UI.Page



{



protected override void OnPreRender(EventArgs e)



{



    base.OnPreRender(e);



    AutoRedirect();



}



public void AutoRedirect()



{



int int_MilliSecondsTimeOut = (this.Session.Timeout * 60000);



string str_Script = @"



   <script type='text/javascript'> 



    intervalset = window.setInterval('Redirect()'," + int_MilliSecondsTimeOut.ToString() + @");



    function Redirect()



    {



       alert('Your session has been expired and system redirects to login page now.!\n\n');



       window.location.href='/login.aspx'; 



    }



</script>";



ClientScript.RegisterClientScriptBlock(this.GetType(), "Redirect", str_Script);



}



}

 


Above AutoRedirect function will be used to redirect the login page when session expires, by using javascript window.setInterval, This window.setInterval executes a javascript function repeatedly with specific time delay. Here we are configuring the time delay as session timeout value. Once it’s reached the session expiration time then automatically executes the Redirect function and control transfer to login page.
In testAutologout page, we need to inherit the PageBaseclass as like below also same thing we need to inherit wherever required this functionality.

using System;



using System.Collections.Generic;



using System.Linq;



using System.Web;



using System.Web.UI;



using System.Web.UI.WebControls;



namespace TestWeb



{



 public partial class testAutoLogout : PageBase



{



    protected void Page_Load(object sender, EventArgs e)



{







}



}

}
 

Once application reached session expiration time if suppose there is no action performed by user, it shows the warning message as like below and if clicks the Ok in the message box it redirects to login.aspx page.

Comments

Post a Comment

Popular posts from this blog

What's New in Visual Studio 2017 RC

What's  New in Visual Studio 2017 RC We have many new as well as improved features and experiences in Visual Studio 2017  to make you more productive at things you do every day IntelliSense  IntelliSense comes enhanced with added filtering that makes it much easier to use . Filtering makes long lists much more manageable. With features like Camel Case search you only need to type in the 2 letters in capitals for IntelliSense to appropriately filter results for you that match 2 different words with those letters capitalized. IntelliSense is also smarter now; it will select the best matching result from the list instead of simply picking the top result. Navigation Navigation . Navigate To is much more powerful with better filtering and preview.  We have also fixed Find All Reference by adding color, grouping, and a peek preview in the Find All Ref window. Live editing One of the most useful features is l...
Post a Comment
Read more

Claims Class For security in .NET4.5 with C#

What is Claim ? A claim in the world of authentication and authorization can be defined as a statement about an entity, typically a user. A claim can be very fine grained: Ram is an admin Ram’s email address is Ram@yahoo.com Ram lives in Mumbai Tom’s allowed to view sales figures between 2009 and 2012 Tom’s allowed to wipe out the universe Claims originate from a trusted entity other than the one that is being described. This means that it is not enough that Tom says that he is an administrator. If your company’s intranet runs on Windows then Tom will most likely figure in Active Directory/Email server/Sales authorisation system and it will be these systems that will hold these claims about Tom.  The idea is that if a trusted entity such as AD tells us things about Tom then we believe them a lot more than if Tom himself comes with the same claims . This external trusted entity is called an  Issuer . The KEY in the key-value pairs is called a  Typ...
1 comment
Read more

Question must to read

What is the significance of the Finalize method in .NET? The .NET Garbage Collector does nearly all the clean up activity for your objects. But unmanaged resources (for example: Windows API created objects, File, Database connection objects, COM objects and so on) are outside the scope of the .NET Framework that we need to explicitly clean our resources. For these types of objects, the .NET Framework provides the "Object.Finalize" method, which can be overridden and to clean up the code for un-managed resources. Can it be put in this section? Why is it preferred to use it instead of Finalize for clean up? The problem with Finalize is that garbage collection must make two rounds to remove objects that have Finalize methods. The figure below will make things clearer regarding the two rounds of garbage collection rounds for the objects having finalized methods. Figure 1 In this scenario there are three objects, Object1, Object2 and Object3. Object2 has the Finali...
Post a Comment
Read more