locked
How To Redirect To Login Page When The Session is Timed Out from GLOBAL.ASCX FILE C#.NET ASP.Net RRS feed

  • Question

  • User-1296120440 posted

    Hi Friends,

    Could anyone help me  in resolving my problem with Global.ascx file  ?

    I have to redirect to CompanyLoginForm.aspx automatically when Session is Timed out. I have changed Session Timeout to "1" so that session will be timed out  in 1 minute.

    Below is the code used :

    <system.web>

    <sessionState mode="InProc" timeout="1" cookieless="false">

    </sessionState>

    <httpRuntime maxRequestLength="2097151" executionTimeout="600" />

    <!--<httpRuntime maxRequestLength="2097151"/>-->

    <pages theme="AnasuTheme" />

    <roleManager defaultProvider="AspNetWindowsTokenRoleProvider" />

    <customErrors mode="on" />

    <compilation debug="true" defaultLanguage="c#">

    Below is the code used in Global.ascx file:

    void Session_Start(object sender, EventArgs e)

    {

    // No Code

    }

    void Session_End(object sender, EventArgs e)

    {

    Session.Add("somevalue", Session.SessionID);

    Response.Redirect("CompanyLoginForm.aspx");

    }

    void Application_Error(object sender, EventArgs e)

    {

    try

    {

    // Code that runs when an unhandled error occurs

    HttpContext context = HttpContext.Current;

    Exception ex = context.Server.GetLastError();

    //process your exception

    if (context.IsCustomErrorEnabled)

    {

    context.Server.ClearError();

    context.Server.Transfer("~/CompanyLoginForm.aspx");

    }

    }

    catch (Exception ex)

    {

    }

    }

    Could any one suggest me in fixing the issue, when time is out application is not redirecting to CompanyLoginForm.aspx, instead it is showing the page which we opened earlier.

    Could you any body share the sample code, you have come across the same scenario ?

    Regards,

    Vasudev.

    Tuesday, June 12, 2018 9:30 AM

All replies

  • User475983607 posted

    Your approach will not work because there is no context or response object to redirect.  The Session_End event clears user data from Session disconnected from the user. Otherwise the application will run out of memory as more user use the system and store data in Session.  The web server does not have a connection to the individual clients.

    I suggest that you use established patterns and practices rather than Session for storing user authentication.  ASP.NET comes with authentication/authorization APIs that handle the redirect automatically.  The user is redirected if the request is not authenticated.

    https://www.asp.net/web-forms/overview/security

    Tuesday, June 12, 2018 9:57 AM
  • User36583972 posted


    Hi friend,

    The following samples introduce another way to automatically redirect to the Login page When Session is timed out.

    Automatically redirect User after Session Timeout in ASP.Net
    https://www.aspsnippets.com/Articles/Automatically-redirect-User-after-Session-Timeout-in-ASPNet.aspx


    Best Regards,

    Yong Lu

    Wednesday, June 13, 2018 8:28 AM