Is there any way to clear the ASP.NET session when the system looses its connection? I guess it could be implemented using JavaScript can anyone tell me how?
Page must be automatically redirect to logout.aspx after system gets connected to internet again.
For more clarity, chat scripts shows online and offline notification. It means for example when his Gmail page is ON his contacts can see him status as green. When his page is OFF his contacts see it OFF. How this is implemented?
Well you can use session timeout in ASP.NET for disconnecting the user on inactivity for certain duration. Its usage in web.config file:
<system.web>
|
|
<authentication mode="Forms" />
<sessionState mode="InProc" timeout="20"/>
|
|
</system.web>
HTTP is a stateless protocol as all other have said so....
I do not understand what do you mean by the when the system looses its connection. An ambiguous answer to the same can be: You can also edit your global.asax file for clearing session. You can use Session.Abandon() in the methods: Session_End and Application_End. A little demonstratively:
void Session_End(object sender, EventArgs e)
{
Session.Abandon();
// Code that runs when a session ends.
}
void Application_End(object sender, EventArgs e)
{
Session.Abandon();
// Code that runs on application shutdown
}
I suggest just using the sessions timeout in ASP if you intend for the client to be disconnected, maybe from lack of activity. Unless you want the session cleared if the server goes down?
Related
Good Day!
I just need some help regarding this issue that I'm encountering using BotDetect Captcha.
Issue: Session Troubleshooting: New Session Initialized on Postback, potential timeout or Session resume problem
I'm using version 4.1.0.0 of BotDetect.dll in asp.net/SharePoint site.
The issue is happening upon clicking the Submit button in the page and when it postback to validate the page inputs, the captcha section will fail and show this issue.
This is the code that I use to validate the captcha input:
isValid = BotDetectCaptcha.Validate(CaptchaCodeTextBox.Text.Trim().ToUpper());
if (isValid){ //code here }
The thing that makes me wonder is that this code is working fine in my Dev environment which I'm using default values in the web.config of the site.
However, when we deployed this to the staging server, this error occurs.
One thing to point is the sessionState in dev is just inProc and in staging, it is using a custom sessionState to an SQL DataBase - and I'm not sure if this is the cause.
Here is the sessionState setting in staging:
<sessionState mode="SQLServer" timeout="60" allowCustomSqlDatabase="true" sqlConnectionString="Data Source=<server>;Initial Catalog=<table>;Integrated Security=True;Enlist=False;Pooling=True;Min Pool Size=0;Max Pool Size=100;Connect Timeout=15" />
I have no control of the settings of the iis/site in the server so this is getting harder on my end so I'm hoping someone might be able to point directions on what to check or troubleshoot.
Thank you very much!
It turns out to be a server issue after all. Something with regards to network blocking connections to some resources.Tried to deploy the same to other server and it is working.
In ASP.NET on IIS 7.5, how can I close the session after an amount of time (lets say 5 hours), even if the user is still working and there is no idle time?
Is there a property in IIS or should I do it in code?
Have you tried the web.config?
<configuration>
<system.web>
<sessionState
mode="InProc"
cookieless="true"
timeout="30" />
</system.web>
</configuration>
I'm also assuming you have a basic site with no load balancing or session state servers. Those require different approaches.
I haven't tried such a solution before but here's what come into mind :
In your global.asax handle SessionStart and when a new session is started create a new (Asynchronous )Task that starts a timer (a timer that execute once after 5 hours and calls Session.Abandon() :
Something like this :
new Task(()=>{
var timer=new Timer{Interval=DateTime.Now.AddHours(5), Elpased+=(obj,args)=>{
session.Abandon();
((Timer)obj).Stop();
((Timer)obj).Dispose();
}
}).Start()
As I told you I haven't test it and since everything is working asynchronously here it might led to unknown situations.
(BTW as far as I know timer will already run in another thread so no Task is needed :) )
Update
OK, It seems that we can't hold a reference to a HtmlStateSession. Thus here's another approach that I think it can help: In this approach we hold a registery of session id and start time of each session in a static dictionary and when a request begins we check if its session (according to its session id) has been out there more than 5 hours and if that is the case we Abonden the session.(and remove the id from dictionary of course)
There's no need to have thousands of timers this way and we don't expire the sessions right away but we wait until the next time that user sends us a request.
What about setting up windows task scheduler to run an aspx page that will check how long the user is logged in and according to it, to decide if to close the session or not.
(You can save in your database, a log-in time for each user).
I have a web forms application that I tested and works good locally.
When i upload it to a web server that hosts my site, it often just logs out users(they get redirected to the Account/Login.aspx page).
It doesn't produce an error in application so i dont know how to debug it properly but i think that it happens during page load event because users get logged out of the application sometimes(not always) after they make some changes, but the changes stay saved.
I think for some reason my session variable that keeps the login of the user gets reset.
If you have an idea or point me in some direction what and how i can investigate this issue, i would really appreciate it.
This is my code that runs on page load in my site Master.cs, maybe it helps:
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Session["UserId"] == null)
{
Response.Redirect("~/Account/login.aspx");
}
if (!Session["Role"].ToString().Equals("Coach"))
{
if (Session["Role"].ToString().Equals("Administrator"))
Response.Redirect("~/AdminForm/AdminHome.aspx");
if (Session["Role"].ToString().Equals("User"))
Response.Redirect("~/Form/Progress.aspx");
}
}
}
Thank You!
Did you set the timeout in your web.config file?
system.web>
<authentication mode="Forms">
<forms timeout="50000000" slidingExpiration="true"/>
</authentication>
</system.web>
If you users are on the site for more than 20 minutes it will log out. You can try web.config or IIS settings it will not help.
I found the best way to handle this is to use a KeepAlive page in and hidden iFrame that posts back to the server every 18 minutes. This will keep the worker process running and the site will never time out.
I have used this method on Internally Facing sites since the end users want to be on the site 8 to 5 without getting logged out.
Sample project at this link
I need to give session time out for my web application. I have put session state in webconfig file in application
<sessionState mode="InProc" cookieless="false" timeout="1"></sessionState>
And in cs page should i need to call any method to function this session state and i need to work this session state to my whole application. Pls help me what i need to put in cs page.
You don't need to do anything in the pages if you don't want to. Add a Global.asax file to your project (if you don't have one yet) and look for the Session_End method. It should look like this:
void Session_End(object sender, EventArgs e)
{
// Code that runs when a session ends.
// Note: The Session_End event is raised only when the sessionstate mode
// is set to InProc in the Web.config file. If session mode is set to StateServer
// or SQLServer, the event is not raised.
}
You can have whatever logic you need in here to redirect, give a message to the users, do some database changes, etc...
Note: This will apply for your entire Asp.Net application!
Good luck!
No special functions needed in cs file. Once configured in web.config it applies to whole application and can be overridden in cs file if needed.
I want my web page to close when SessionState timeout occures. This is my code in my web config:
<system.web>
<sessionState timeout="1" mode="InProc"/>
</system.web>
I set to 1 minute for testing purposes. The following is my Global.asax code:
protected void Session_End(object sender, EventArgs e)
{
Response.Redirect("~/LogOut.aspx");
}
I put a label on one of the pages in order to check the session timeout, this is the code in the Page_Load event:
lblSession.Text = "SESSION TIME: " + Session.Timeout.ToString();
When I enter the site and come to this page the label shows SESSION TIME: 1, but after 1 minute I don't get redirected to the LogOut page and the present page is still fully active and working, apparently meaning that the session has not been terminated.
I am working in Visual Studio 2008 thru the development server so suggestions I've seen relating to IIS settings don't seem to be relevant at this stage.
Please help!
HTTP is a request / response protocol. There is no persistent connection between the browser and the server. The code in Session_End thus effectively does nothing — it can't tell the browser to do anything.
You would need to make a (client-side) JavaScript timer and actively load the logout page right before the session timeout elapses.
Session_End in my experience gets called on the first postback (could be implemented via a client-side Timer) after the timeout occurred - whenever that might be... if the user just closes the browser this event may never be called (except for the case you made a specific JS handler unload to do the postback in that situation).
For some information see:
http://justgeeks.blogspot.com/2008/07/aspnet-session-timeouts.html
http://www.highoncoding.com/ArticleDetails.aspx?articleID=108
http://forums.asp.net/t/1271309.aspx/2/10
http://www.codeproject.com/KB/aspnet/PageTracking.aspx
http://p2p.wrox.com/asp-pro-code-clinic/1648-session_onend-not-firing.html
http://aspalliance.com/1182_Troubleshooting_Session_Related_Issues_in_ASPNET.all
This doesn't seem to be the correct way of testing your session timeout. Try putting something in the session variables. Don't touch the page for another couple of minutes, and try reading it back from Session. If your session is alive, you should be able to see the variables, else... you won't.
Learn more about session and troubleshooting session... http://aspalliance.com/1182_Troubleshooting_Session_Related_Issues_in_ASPNET