» Web Development » ASP.

NET » Samples

Alert Session Time out in ASP.Net
By Manjunath Shrikantiah | 27 Jul 2011 | Unedited contribution
ASP.NET

Licence First Posted Views Downloads Bookmarked

C POL 18 Jul 2011 2,978 169 28 times

Artic le looks at ways to warn user about the session timeout.
4.55 (10 votes)

Download SessionPOC.zip - 145.59 KB

Introduction
One of the requirements in my project was to warn users about the session expiry. Though it looks like a simple requirement for the end users, it is not the c ase for developers and designers. We need to deal with lot of sc enarios in the real time application. What is the best way to achieve the objec tive? Some of the challenges would be like 1. Session is a sliding expiry value. It gets extended every time there is a post bac k. 2. There are multiple ways that you can handle this scenario and each of them has its own technical challenges.

Approaches
Following section will try to cover few of the approaches to handle session expiry.

1. Provide a simple alert.
In this approach, the user will be provided with a simple warning message, based on a pre-defined time interval.

<script language="javascript" type="text/javascript"> var sessionTimeoutWarning = "<%= System.Configuration.ConfigurationSettings.AppSettings["SessionWarning"].ToString()%>"; var sessionTimeout = "<%= Session.Timeout %>"; var sTimeout = parseInt(sessionTimeoutWarning) * 60 * 1000; setTimeout('SessionWarning()', sTimeout); function SessionWarning() { var message = "Your session will expire in another " + (parseInt(sessionTimeout) parseInt(sessionTimeoutWarning)) + " mins! Please Save the data before the session expires"; alert(message); } </script>

sessionTimeoutWarning: is a predefined value in the application configuration. Say 18 minutes. sessionTimeout: Holds the session timeout interval. Say 20 minutes. In c ase the user does not do any post bac k on the page for about 18 minutes, he will be warned about the session expiry.

2. Provide a simple alert and then redirect the user to home page or login page.

ConfigurationSettings. //time for expiry var timeForExpiry = timeOnPageLoad.ToString()%>". window.aspx". //To redirect to the welcome page setTimeout('RedirectToWelcomePage()'.AppSettings["SessionWarning"].aspx".Configuration.. parseInt(sessionTimeoutWarning) * 60 * 1000). window. //To redirect to the welcome page var redirectToWelcomePageTimer = . alert(message).Timeout %>".ConfigurationSettings.location = ". } </script> In this approach./Welcome. } } //Session timeout function RedirectToWelcomePage(){ alert("Session expired. he would be redirec ted to the login or home page. var timeOnPageLoad = new Date().getMinutes() + parseInt(sessionTimeout)). parseInt(sessionTimeoutWarning) * 60 * 1000). var sessionTimeout = "<%= Session. var message = "Your session will expire in another " + minutesForExpiry + " mins! Please Save the data before the session expires". <script language="javascript" type="text/javascript"> var sessionTimeoutWarning = "<%= System. Extend user session.location = ". var timeOnPageLoad = new Date().parse(currentTime) > timeForExpiry) { alert("Session expired.<script language="javascript" type="text/javascript"> var sessionTimeoutWarning = "<%= System. You will be redirected to welcome page").parseInt(sessionTimeout) * 60 * 1000). var sessionTimeout = "<%= Session. the user will be warned about the session timeout. //Current time is greater than the expiry time if(Date.ToString()%>". //For warning var sessionWarningTimer = setTimeout('SessionWarning()'.AppSettings["SessionWarning"]. once the session interval time expires. //Session Warning function SessionWarning() { //minutes left for expiry var minutesForExpiry = (parseInt(sessionTimeout) parseInt(sessionTimeoutWarning)).. var currentTime = new Date(). If user does not save or do any post bac k. You will be redirected to welcome page").Timeout %>". var sessionWarningTimer = null.setMinutes(timeOnPageLoad. var redirectToWelcomePageTimer = null./Welcome. //For warning setTimeout('SessionWarning()'. 3.Configuration.

location = ". sessionWarningTimer = setTimeout('SessionWarning()'. if the session time is over. } //reset the time on page load timeOnPageLoad = new Date().aspx". parseInt(sessionTimeoutWarning) * 60 * 1000). window. //Confirm the user if he wants to extend the session answer = confirm(message). //time for expiry var timeForExpiry = timeOnPageLoad.setMinutes(timeOnPageLoad. //Session Warning function SessionWarning() { //minutes left for expiry var minutesForExpiry = (parseInt(sessionTimeout) parseInt(sessionTimeoutWarning)).. If user c onfirms after the . extend the session./Welcome. You will be redirected to welcome page"). img. //Current time is greater than the expiry time if(Date. } //************************** } //Session timeout function RedirectToWelcomePage(){ alert("Session expired. if(answer) { var img = new Image(1.aspx?date=' + escape(new Date()). } //************************* //Even after clicking ok(extending session) or cancel button./Welcome. var currentTime = new Date(). 1). var message = "Your session will expire in another " + minutesForExpiry + " mins.. window.setTimeout('RedirectToWelcomePage()'. If the user confirms to extend the session. } </script> In this approach.getMinutes() + parseInt(sessionTimeout)). Then exit the session.aspx". //Clear the RedirectToWelcomePage method if (redirectToWelcomePageTimer != null) { clearTimeout(redirectToWelcomePageTimer).src = 'KeepAlive.parse(currentTime) > timeForExpiry) { alert("Session expired. You will be redirected to welcome page").location = ". the user will be warned about the session timeout and provides the ability to extend user session. it gets extended. Do you want to extend the session?".parseInt(sessionTimeout) * 60 * 1000). //To redirect to the welcome page redirectToWelcomePageTimer = setTimeout('RedirectToWelcomePage()'. //if yes.parseInt(sessionTimeout) * 60 * 1000).

aspx http://forums. is licensed under The Code Project Open Lic ense (CPOL) About the Author Manjunath Shrikantiah 9+ plus years of experienc e in IT industry. P ermalink | A dvertis e | P rivac y | M obile | Web0 4 | 2 .com/KB/scripting/Session_Timeout. 1 9 9 9 .aspx to post and view comments on this article.session expiry timeout limit.codeproject. Where 'KeepAlive.src = 'KeepAlive.1 1 0 7 2 6 . when there could be partial rendering and the SetTimeout method and session related variables may not be reset.asp.aspx?date=' + escape(new Date()).2 0 1 1 T erms of U s e .c odeprojec t. This may not work 100%. img. designing and developing solutions on Web and desktop applic ation platforms Architect India Member Comments and Discussions 3 messages have been posted for this article Visit http://www. var img = new Image(1. All files are in Samples folder References http://www.1 A rtic le C opyright 2 0 1 1 by M anjunath Shrikantiah E verything els e C opyright © C odeP rojec t.aspx/2/10 License This article. I am assuming SetTimeout method and session related variables will be reset whenever there is a post back. along with any associated sourc e code and files.net/t/1207721.3 .com/KB/aspnet/AlertSessionTimeOut. or c lick here to get a print view with messages. This includes experienc e in architecting.aspx is dummy page in the website. Note: In all the above sc enarios. Following lines of c ode is used to extend the user session. 1). even then the user will be logged out.

Sign up to vote on this title
UsefulNot useful