Session expiration

Hello, I have a base class which is inherited by every page in my project. On page_load I call checkSessionExpired();

which does the following:
private void checkSessionExpired()
{
if (Context.Session != null)
{
if (Session.IsNewSession)
{
string szCookieHeader = Request.Headers["Cookie"];
if ((null != szCookieHeader) && (szCookieHeader.IndexOf("ASP.NET_SessionId") >= 0))
{
Response.Redirect("sessionExpired.aspx");
}
}
}

}

I don't understand why its not working, but Session.IsNewSession I thought would be true the very first time the browser loads up. This is not the case, its false. Where does it get set to true Or can I manually set it to true in the code Any ideas

Answer this question

Session expiration

Simon Gorski

Hi,

[This is not right forum for asp.net questions, you should go to http://forums.asp.net/]
Give following a try, this is the simplest way IMHO..

On login, add the following logic or something like that,

FormsAuthentication.SetAuthCookie(<objUser.UserName>.Value,false);
[use System.Security.Principal namespace] -- [[this line is not required for the session expired logic but will help you to redirect the user to the requested page using FormsAuthentication.RedirectFromLoginPage(objUser.UserName.Value, false);]]

Session["UserID"] = <objUser.UserID>;

Then on form, where you want to check session expiration, in Page_Load

Response.AddHeader("Refresh",Convert.ToString((Session.Timeout * 60) + 5));
if(Session["UserID"] == null)
{
Response.Redirect("SessionExpired.aspx");
}

HTH,
Session expiration

Answer this question