Redirecting User to Login Page After Session Timeouts

转载 2004年08月20日 15:11:00

Redirecting User to Login Page After Session Timeouts

     In most of the applications you might come across the situation where you need to redirect the user to login page after session timeouts. It is simple, if you want to redirect user to login page when the user submits the page after session timeout. You got the control in server, you can check for session timeout. If that is true, then you can redirect the user to any page you want. If you implemented Authentication like Forms authentication or Passport authentication in your applications. Then this is done automatically when the user resubmits the page after session timeouts.

     But the requirement is such that you want to redirect the user immediately after timeout to login page before the user submits the page. In this article, I am going to explain how we can achieve this in ASP.NET.Before we see how to redirect the the user to login page after session timeout, we will see how to refresh any page after certain intervals. This will help me to clearly explain how to play with page redirection from client.  

Refreshing any page after certain interval

     For refreshing any page after certain interval, you need to use client side script only. You cant do this in server side, The reason being that the page has been served to the client, end of request.  The web is stateless; until the user comes back and initiates another request the server can't do anything. So we need to do this refreshing activity from client side only. There are two ways to achieve this,

                    1. Using Window.setTimeout method
                    2. Using Meta Tag - Refresh. 

Using Window.setTimeout method:

              DHTML Window object has a method called "setTimeout" which  evaluates an expression after a specified number of milliseconds has elapsed. With the help of this method, you can run the client side script window.location.href="somepage" to redirect page in the current window. SetTimeout accepts three parameters.

vCode Required. Variant that specifies the function pointer or string that indicates the code to be executed when the specified interval has elapsed.
iMilliSeconds Required. Integer that specifies the number of milliseconds.
sLanguage Optional. String that specifies one of the following values:
JScript Language is JScript.
VBScript Language is VBScript.
JavaScript Language is JavaScript.

             You need to call this method in body load and start the timer( by calling setTimeout method). This timer will elapse depending upon the second parameter for this method. When it is elapsed, it will fire the script which is given as first parameter. So you need to add this to the body element onload method. For adding client side event to body tag in you need to follow this methos.

1. Declare the body tag in html window as server control by specifing runat attribute and give an id to that tag.

                                <body runat="server" id= "body">< /P>< /FONT>

2. In the code behind, declare this element as htmlgenericcontrol like this.            

  Protected WithEvents body As System.Web.UI.HtmlControls.HtmlGenericControl    

3. Finally add the following code in your page_load event handler, this will add the client side handler for body tag.

 body.Attributes.Add("onLoad", "window.setTimeout(""window.location.href='<somepage>.aspx'"",5000);")     

This method will refresh the page to the specified location after 5 secs. The disadvantage of this method is, this might not work in some lower end browsers. So you need to go for other method i.e. by using Meta Tags.

Using Meta Tag - Refresh

    Another way for refreshing the page after certain interval is by using meta tag - Refresh. This tag specifies a delay in seconds before the browser automatically reloads the document. Optionally, specifies an alternative URL to load. Example

               <META HTTP-EQUIV="Refresh" CONTENT="3;URL=">

In ASP.NET, you can add headers in code behind using this method.

             Response.AppendHeader("Refresh", "10; URL=.aspx")

This method will reload the current window after interval mentioned in the second parameter to the page which is mentioned as URL to refresh. In this case page will be refreshed after 10 seconds.

Redirecting User To Login Page after Session Timeouts.

Redirecting user to login page after session timeout is similar to refreshing the page after certain intervals method. Only thing which will differ is that calculating time after which the page has to be redirected. Hence time can be calculated using Session.timeout property which will give us session timeout value for that session. Add some grace timings to that value and redirect the user to the login page automatically.

Using Window.setTimeout method

body.Attributes.Add("onLoad", "window.setTimeout(""window.location.href='login.aspx'""," & (Session.Timeout * 60 * 1000) + 10000 & ");")

Using Meta Tag - Refresh

Response.AppendHeader("Refresh", Convert.ToString((Session.Timeout * 60) + 10) & "; URL=Login.aspx")

Both these methods will redirect the user to login page  after session timeout + 10 seconds. This is how you can redirect the user to login page after session timeout without user interaction.

Yii2 User 登录原理

本文是在session登录畅通无阻的前提下,首先要先搞好session登录,这个在这里不做叙述,好多session登录的文章。本文叙述cookie登录的原理和使用 FancyEcommerce原...
  • lhorse003
  • lhorse003
  • 2017年03月10日 13:57
  • 1401

Spring Security学习二 - 自定义Login方法

自定义Spring Security的Login方法。
  • lee353086
  • lee353086
  • 2016年09月19日 16:41
  • 4284


由于公司机房异常断电,导致测试环境的hadoop集群数据全部down掉。重启hadoop集群后,访问: 提示: N...
  • levy_cui
  • levy_cui
  • 2016年04月13日 14:07
  • 522


由于公司机房异常断电,导致测试环境的hadoop集群数据全部down掉。重启hadoop集群后,访问: NameNo...
  • qianshangding0708
  • qianshangding0708
  • 2015年08月17日 12:33
  • 4250


session机制 当程序需要为某个客户端的请求创建一个session的时候,服务器首先检查这个客户端的请求里是否已包含了一个session标识 - 称为session id,如果已包含一个sess...
  • u013210620
  • u013210620
  • 2016年08月25日 23:43
  • 3196


功能: ·UserLogin作为控制登录的Action,校验密码成功后记录session,可以选择记住登陆状态,登陆成功后自动跳转到登陆前的URL; ·UserLogout作为控制登录推出...
  • tfy1332
  • tfy1332
  • 2014年04月03日 17:45
  • 3500

jsp 的四个作用域 :page、request、session和application的区别 .

1、区别: 1.page指当前页面有效。在一个jsp页面里有效 2.request 指在一次请求的全过程中有效,即从http请求到服务器处理结束,返回响应的整个过程,存放在HttpServ...
  • frankaqi
  • frankaqi
  • 2015年10月31日 18:14
  • 1552

使用Rails restful方式的Session实现登陆机制

  • y_xiao_
  • y_xiao_
  • 2015年12月10日 21:26
  • 1119


当你的 Linux 系统出现不明原因的问题时,很多人都告诉你,你要查阅一下登录文件才能够知道系统出了什么问题了,所以说, 了解登录文件是很重要的事情呢。登录文件可以记录系统在什么时间、哪个主机、哪个服...
  • mybluetiankong
  • mybluetiankong
  • 2014年03月03日 09:31
  • 1704


  • u013938465
  • u013938465
  • 2015年09月24日 15:42
  • 3452
您举报文章:Redirecting User to Login Page After Session Timeouts