tags:

views:

186

answers:

3
Q: 

closing all web pages on session time out

Hi,

When a session is timed out in asp.net application, we need to close all the web pages those are already opened by a user.

Each page has sign out link. When the user click on that link, the home page is redirected to that page.

In this case, the other opened pages also needs to be closed.

How can we do this?

+1  A: 

For all pages:

  1. AJAX call back to server to check whether Session has expired.
  2. Parse result from AJAX
  3. If session ended then close window or redirect to logged out page.
thephpdeveloper  2009-12-18 07:45:40
Won't the AJAX call to the server keep the session alive, especially if it checks for the current session?
Razzie  2009-12-18 07:48:59
I agree with Razzie... But what if the AJAX calls a webservice... I'm a newbie to Webservice.. Will the webservice call run in the same session of the original page call... ??
The King  2009-12-18 08:00:27
then the session termination can be handled manually, to supplement the ASP.NET session termination.
thephpdeveloper  2009-12-18 09:52:32
AFAIK you can only set `EnableSession` on the web-method using the `WebMethod` attribute. If you enable it, the session will be kept alive. If you disable it, you don't know if the session's alive...
Vinz  2009-12-18 14:06:42
A: 

On the second thought... we can use what @thephpdeveloper said, particularly when user signs out formally... (like clicking the signout button) Once After a formal Sign out happens... Such Ajax Call back can be used, cause the session will be valid but there will not be any user... Using this we can signal the page and close the browser window

The King  2009-12-18 08:05:00
A: 

As Razzie commented, doing an AJAX callback to the same web-application will keep the session alive. Using a web-service also won't solve the problem.

This solution avoids keeping the session alive:

  • Store every session in the database. This could be done in the Session_Start event in the Global.asax or after the log-in.
  • Delete timed-out sessions from the database in the Session_End event in your Global.asax file or after the log-out.
  • Do a periodical AJAX callback to a different web-application, e.g. a web running on a sub-domain, to check in the database if the session still exists.

I suggest you use the SessionID to identify the sessions.

Vinz  2009-12-18 14:02:06

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps