tags:

views:

2566

answers:

4
+3  Q: 

How can you display a session timeout warning that is smart enough to handle multiple open browsers or tabs

I have implemented a session timeout warning using javascript that simply asks the user if they want to extend their session or logout. The problem is that this is for an intranet portal where power users will often have several browser windows or tabs open at the same time to the application. Currently, they will be prompted that they are about to be logged out from every browser window. How can I make the code smarter to detect that they are actively using another browser session?

A: 

I recommend using Jquery.

lupefiasco  2008-12-12 19:16:08
i have no friends
Joel  2008-12-12 19:18:38
+1  A: 

You'd have to check the session state on the server using Ajax and keep track of all the open sessions/windows the user has. You'd then be able to target only one of the available sessions with the log out warning.

In response to your comment:

Don't use the built-in session mechanism, devise your own using an server-side presistent array or a database log.

No, nothing in the HTTP request tells you how many browsers are open, but you can assign your own sessionID cookie as the user opens each browser window. Make an Ajax call to the server, see if the user has timed-out, and if you're the lowest (or last) entry in the session log then you're the browser that gets the warning.

Diodeus  2008-12-12 19:19:57
2 thoughts: 1) how to you check the session state of a .NET app without actually extending the session?2) is there actually a way to tell how many browser windows a user has? Nothing in the http request tells you this
Joel  2008-12-12 19:22:17
Have the function to update session called when the user performs an action, don't call the function when you are checking session status. You could detect how many browsers are open based on agent string, don't think you can detect windows/tabs of each.
Adam  2008-12-12 19:33:57
I don't understand how that would work. Also, if they are using separate browsers (like IE and FF) or even separate instances of the same browser then they have different sessions so this isn't an issue.
Joel  2008-12-12 19:37:43
A: 

Would this work?

Store a Javascript cookie and check that to determine if the session has been extended in another tab?

looks like this does work...

Joel  2008-12-12 20:11:11
+1  A: 

You can't count on all tabs/windows to be part of the same Session, because they could be spawned and contained within separate processes and you don't have much control over that.

But if your code references a Javascript cookie, you can check your seudo-session state via a postback (synchronous or AJAX). But then you're depending on cookies being enabled on the user's browser.

Kon  2008-12-12 20:49:49

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?