In this example, We have checked the session is New or not and check the ASP.NET_SessionId if its length greater than or equal to 0 then it says it is new session but an existion cookie is there,may be time out of our session. So we will redirect to some other page.
// have timed out
/// <summary>
/// Session Expiration Handling
/// </summary>
public class SessionExpire : System.Web.UI.Page
{
public SessionExpire(){}
override protected void OnInit(EventArgs e)
{
base.OnInit(e);
//It appears from testing that the Request and Response both share the
// same cookie collection. If I set a cookie myself in the Reponse, it is
// also immediately visible to the Request collection. This just means that
// since the ASP.Net_SessionID is set in the Session HTTPModule (which
// has already run), thatwe can't use our own code to see if the cookie was
// actually sent by the agent with the request using the collection. Check if
// the given page supports session or not (this tested as reliable indicator
// if EnableSessionState is true), should not care about a page that does
// not need session
if (Context.Session != null)
{
//Tested and the IsNewSession is more advanced then simply checking if
// a cookie is present, it does take into account a session timeout, because
// I tested a timeout and it did show as a new session
if (Session.IsNewSession)
{
// If it says it is a new session, but an existing cookie exists, then it must
// have timed out (can't use the cookie collection because even on first
// request it already contains the cookie (request and response
// seem to share the collection)
string szCookieHeader = Request.Headers["Cookie"];
if ((null != szCookieHeader) && (szCookieHeader.IndexOf("ASP.NET_SessionId") >= 0))
{
Response.Cookies.Clear();
Response.Clear();
Session.Abandon();
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.Now);
System.Web.Security.FormsAuthentication.SignOut();
Response.Redirect("~/Error/SessionExpiration.aspx", false);
}
}
}
/* To disable storing pages in cache*/
Response.Cache.SetCacheability(HttpCacheability.ServerAndNoCache);
Response.Cache.SetAllowResponseInBrowserHistory(false);
Response.Cache.SetNoStore();
}
}
Here I have inherited the SessionExpire class in each page. It will check the session expiration on each load. If the session expires then it will redirect to some other page.
public partial class Demographics_Dependant : Common.SessionExpire
{
}
In this example i have refered it from some site. i cant remember that site.
07:02 |
Category:
ASP.NET
|
0
comments
Comments (0)