http://www.codeproject.com/KB/aspnet/AlertSessionTimeOut.aspx
One of the requirements in my project was to warn users about the session expiry. Though it looks like a simple requirement for the end users, it is not the case for developers and designers. We need to deal with lot of scenarios in the real time application. What is the best way to achieve the objective? Some of the challenges would be like:
The following section will try to cover few of the approaches to handle session expiry.
In this approach, the user will be provided with a simple warning message, based on a pre-defined time interval.
<script language="javascript" type="text/javascript">
var sessionTimeoutWarning =
"<%= System.Configuration.ConfigurationSettings.AppSettings
["SessionWarning"].ToString()%>";
var sessionTimeout = "<%= Session.Timeout %>";
var sTimeout = parseInt(sessionTimeoutWarning) * 60 * 1000;
setTimeout('SessionWarning()', sTimeout);
function SessionWarning() {
var message = "Your session will expire in another " +
(parseInt(sessionTimeout) - parseInt(sessionTimeoutWarning)) +
" mins! Please Save the data before the session expires";
alert(message);
}
</script>
sessionTimeoutWarning
: is a predefined value in the application configuration. Say 18 minutes.sessionTimeout
: holds the session timeout interval. Say 20 minutes. In case the user does not do any post back on the page for about 18 minutes, he will be warned about the session expiry. <script language="javascript" type="text/javascript">
var sessionTimeoutWarning =
"<%= System.Configuration.ConfigurationSettings.AppSettings
["SessionWarning"].ToString()%>";
var sessionTimeout = "<%= Session.Timeout %>";
var timeOnPageLoad = new Date();
//For warning
setTimeout('SessionWarning()', parseInt(sessionTimeoutWarning) * 60 * 1000);
//To redirect to the welcome page
setTimeout('RedirectToWelcomePage()',parseInt(sessionTimeout) * 60 * 1000);
//Session Warning
function SessionWarning() {
//minutes left for expiry
var minutesForExpiry = (parseInt(sessionTimeout) -
parseInt(sessionTimeoutWarning));
var message = "Your session will expire in another " + minutesForExpiry +
" mins! Please Save the data before the session expires";
alert(message);
var currentTime = new Date();
//time for expiry
var timeForExpiry = timeOnPageLoad.setMinutes(timeOnPageLoad.getMinutes()
+ parseInt(sessionTimeout));
//Current time is greater than the expiry time
if(Date.parse(currentTime) > timeForExpiry)
{
alert("Session expired. You will be redirected to welcome page");
window.location = "../Welcome.aspx";
}
}
//Session timeout
function RedirectToWelcomePage(){
alert("Session expired. You will be redirected to welcome page");
window.location = "../Welcome.aspx";
}
</script>
In this approach, the user will be warned about the session timeout. If user does not save or do any post back, he would be redirected to the login or home page, once the session interval time expires.
<script language="javascript" type="text/javascript">
var sessionTimeoutWarning =
"<%= System.Configuration.ConfigurationSettings.AppSettings
["SessionWarning"].ToString()%>";
var sessionTimeout = "<%= Session.Timeout %>";
var timeOnPageLoad = new Date();
var sessionWarningTimer = null;
var redirectToWelcomePageTimer = null;
//For warning
var sessionWarningTimer = setTimeout('SessionWarning()',
parseInt(sessionTimeoutWarning) * 60 * 1000);
//To redirect to the welcome page
var redirectToWelcomePageTimer = setTimeout('RedirectToWelcomePage()',
parseInt(sessionTimeout) * 60 * 1000);
//Session Warning
function SessionWarning() {
//minutes left for expiry
var minutesForExpiry = (parseInt(sessionTimeout) -
parseInt(sessionTimeoutWarning));
var message = "Your session will expire in another " +
minutesForExpiry + " mins. Do you want to extend the session?";
//Confirm the user if he wants to extend the session
answer = confirm(message);
//if yes, extend the session.
if(answer)
{
var img = new Image(1, 1);
img.src = 'KeepAlive.aspx?date=' + escape(new Date());
//Clear the RedirectToWelcomePage method
if (redirectToWelcomePageTimer != null) {
clearTimeout(redirectToWelcomePageTimer);
}
//reset the time on page load
timeOnPageLoad = new Date();
sessionWarningTimer = setTimeout('SessionWarning()',
parseInt(sessionTimeoutWarning) * 60 * 1000);
//To redirect to the welcome page
redirectToWelcomePageTimer = setTimeout
('RedirectToWelcomePage()',parseInt(sessionTimeout) * 60 * 1000);
}
//*************************
//Even after clicking ok(extending session) or cancel button,
//if the session time is over. Then exit the session.
var currentTime = new Date();
//time for expiry
var timeForExpiry = timeOnPageLoad.setMinutes(timeOnPageLoad.getMinutes() +
parseInt(sessionTimeout));
//Current time is greater than the expiry time
if(Date.parse(currentTime) > timeForExpiry)
{
alert("Session expired. You will be redirected to welcome page");
window.location = "../Welcome.aspx";
}
//**************************
}
//Session timeout
function RedirectToWelcomePage(){
alert("Session expired. You will be redirected to welcome page");
window.location = "../Welcome.aspx";
}
</script>
In this approach, the user will be warned about the session timeout and provides the ability to extend user session. If the user confirms to extend the session, it gets extended. If user confirms after the session expiry timeout limit, even then the user will be logged out. Following lines of code are used to extend the user session. Where 'KeepAlive.aspx is a dummy page in the website.
var img = new Image(1, 1);
img.src = 'KeepAlive.aspx?date=' + escape(new Date());
Note: In all the above scenarios, I am assuming SetTimeout
method and session related variables will be reset whenever there is a post back. This may not work 100%, when there could be partial rendering and the SetTimeout
method and session related variables may not be reset. All files are in the Samples folder.
How to Pass Values from CodeBehind to JavaScript? (0) | 2011.12.28 |
---|---|
asp.net Applicaton 객체 관련 내용. (0) | 2011.11.11 |
Alert Session Time out in ASP.Net (세션 시간 종료시 경고창 띄워주기) (0) | 2011.07.18 |
asp.net 에서 저장프로시저 CRUD 하는 방법 (3) | 2011.07.01 |
Google Calendar APIs and Tools (0) | 2011.05.25 |
인증 쿠키 설명 - msdn (0) | 2010.11.19 |
본문과 관련 있는 내용으로 댓글을 남겨주시면 감사하겠습니다.