locked
ASP.NET website - Re direct logout page if session has expired and link to Login again RRS feed

  • Question

  • User-2136619341 posted

    <div link="#0563C1" vlink="#954F72" lang="EN-US"> <div class="x_WordSection1">

    Hi ,

     I am working on a ASP.NET website. I am redirecting the users to logout page if the session has expired. In the page load of Logout page, I am clearing all the session variables.

     I want to redirect the users to login page from logout page on click on a link. I am checking  Request.Params["__EVENTTARGET"] in page load to see if the post back is caused by link button click. but it always return null value.  Link button click event does not fire. How to redirect users to login page from Logout page after the session has expired or cleared?

    Logout.cs file:

    //page load

              string str = Request.Params["__EVENTTARGET"];  //returns always null

                 if (!IsPostBack)

                {

                    Session.Clear();

                    Session.RemoveAll();

                    Session.Abandon();

                }

     

     // button click

    protected void lnkLogin_Click(object sender, EventArgs e)

        {

            try

            {

                Response.Redirect("Login.aspx",true);

            }

            catch (Exception ex)

            {

            

            }

        }

     

     

    --Web config file

    <authentication mode="Forms">

                                        <forms loginUrl="~/Logout.aspx" timeout="2880" slidingExpiration="true"/>

                            </authentication>

     

     Request.Params["__EVENTTARGET"] is always null in the page load of Logout page. 

    How to redirect users to login page from Logout page after the session has expired or cleared?

    Thanks
    Ashok

    </div> </div>

    Monday, November 24, 2014 6:32 AM

Answers

  • User-760709272 posted

    Why are you logging users out if their session has expired?  If your authentication and your session are somehow linked then you're better re-coding your site to break the dependence between the two.

    However if you want to detect that the current session is a new session you can use the code in this article

    http://aspalliance.com/520_detecting_aspnet_session_timeouts.2

    I found that article by googling "asp.net detect new session"

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, November 24, 2014 7:10 AM
  • User2008642861 posted

    Hi ashok.k,

    Based on your post, I made a test on computer, it worked fine. You may refer to below code.

    Each page(except Login Page) add this function at Page_Load event

    if (Session["UesrID"] == null)
                    {
                        Session.Remove();
                        Response.Redirect("LoginPage.aspx");
                        string NowPage="the name of the Page";//the page of login out,then you want to back it
                        Session["NowPage"] = NowPage;
                    }
    

    Add this function to Login Page

    protected void Page_Load(object sender, EventArgs e)
            {
                if (IsPostBack)//Pay attention to this, it is IsPostBack,also you could revise it in your need 
                {
                    if (Session["UesrID"] == null)
                    {
                        Session.Remove();
                        Response.Redirect("LoginPage.aspx");
                        string NowPage="the name of the Page";//the page of login out,then you want to back it
                        Session["NowPage"] = NowPage;
                    }
                    else
                    {
                        if(/*sign in successfully*/)
                        {
                            UserID = Session["UserID"];
                            string BackPage="";
                            BackPage = Session["NowPage"].ToString();
                            if(BackPage=="LoginPage.aspx")
                            {
                                Response.Redirect("UserPage");
                            }
                            else
                            {
                            Response.Redirect(BackPage);
                            }
                        }
                        else
                        {
                            //sign in unsuccessfully
                        }
                    }
                }
            }
    

    Hope this could be helpful to you.

    Best regards,

    Archer Wang

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, November 25, 2014 4:26 AM

All replies

  • User-760709272 posted

    Why are you logging users out if their session has expired?  If your authentication and your session are somehow linked then you're better re-coding your site to break the dependence between the two.

    However if you want to detect that the current session is a new session you can use the code in this article

    http://aspalliance.com/520_detecting_aspnet_session_timeouts.2

    I found that article by googling "asp.net detect new session"

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, November 24, 2014 7:10 AM
  • User2008642861 posted

    Hi ashok.k,

    Based on your post, I made a test on computer, it worked fine. You may refer to below code.

    Each page(except Login Page) add this function at Page_Load event

    if (Session["UesrID"] == null)
                    {
                        Session.Remove();
                        Response.Redirect("LoginPage.aspx");
                        string NowPage="the name of the Page";//the page of login out,then you want to back it
                        Session["NowPage"] = NowPage;
                    }
    

    Add this function to Login Page

    protected void Page_Load(object sender, EventArgs e)
            {
                if (IsPostBack)//Pay attention to this, it is IsPostBack,also you could revise it in your need 
                {
                    if (Session["UesrID"] == null)
                    {
                        Session.Remove();
                        Response.Redirect("LoginPage.aspx");
                        string NowPage="the name of the Page";//the page of login out,then you want to back it
                        Session["NowPage"] = NowPage;
                    }
                    else
                    {
                        if(/*sign in successfully*/)
                        {
                            UserID = Session["UserID"];
                            string BackPage="";
                            BackPage = Session["NowPage"].ToString();
                            if(BackPage=="LoginPage.aspx")
                            {
                                Response.Redirect("UserPage");
                            }
                            else
                            {
                            Response.Redirect(BackPage);
                            }
                        }
                        else
                        {
                            //sign in unsuccessfully
                        }
                    }
                }
            }
    

    Hope this could be helpful to you.

    Best regards,

    Archer Wang

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, November 25, 2014 4:26 AM