ansaurus

Question

C#.net webform, avoid losing data from session timeout

Answer 1

A:

Well, the easy way it to drastically lengthen the timeout specified in the web.config file.

Brad 2010-10-07 18:22:02

@Brad: I should be able to do that, but for some reason this seems to have no effect. Also, I don't necessarily want this to happen on every page, just some of them.

MAW74656 2010-10-07 18:23:29

Answer 2

+3 A:

It's not necessarily trivial, but you can add an ajax component that makes occasional calls to a page to keep the session alive. This way you could lengthen the session for any particular page you need to without affecting the application as a whole.

EDIT

If you really want to let the session expire, but keep the form data, you can implement

protected void Application_PostAuthenticateRequest (object sender, EventArgs e)

event handler in your global.asax.cs file. This is called before the forms authentication redirect happens, and the form data is available to your application at this point, so you can persist it to whatever medium is necessary until your user is authenticated again. In addition, if you check the

((HttpApplication)sender).Request.Path

property it will tell you which page was requested.

arootbeer 2010-10-07 18:25:37

+1, this seems very doable and exactly to point.

Brad 2010-10-07 18:26:34

@arootbeer: Yes, I have heard of a similiar method. However, my real goal here is not to maintain the session, but the data. I consider vastly expanding the timeout to be a last resort. And what do you mean by "component"?

MAW74656 2010-10-07 18:30:44

What component means depends on how your pages are built, but most likely it would be a tiny user control that has a Javascript method to occasionally call a URL you give it. As a user control you can just include it inline on the pages that need it.

arootbeer 2010-10-07 18:40:27

As to maintaining the user's data, the fact that they're "losing" it is a result of ASP.Net not honoring sessions that have expired, not a problem with the application itself. They could likely work around it just by opening the login screen in a different window/tab, and logging in again before submitting their data.

arootbeer 2010-10-07 18:40:55

I understand, but my question is whether or not it is possible to get around that. So, can I programmatically refresh the authentication and submit the data without the user having to jump through hoops?

MAW74656 2010-10-07 18:44:28

Gotcha. I'll udpate my answer.

arootbeer 2010-10-07 18:46:04

We have used this technique in a web app where we needed for specific pages to be able to extend the session timeout.

JMarsch 2010-10-07 18:57:37

Ok, ok, that's what I'm talking about! Now, for a stupid question: How can I get to edit global.asax.cs? I've never modified this before.

MAW74656 2010-10-07 19:46:56

If your application doesn't have one, you'll have to add it - `.asax file` is one of the specific types of files you can add to a web application from the Visual Studio "New File" dialog. It defaults to being named "Global.asax".

arootbeer 2010-10-07 19:50:51

I changed the event handler from `Application_AuthenticateRequest` to `Application_PostAuthenticateRequest` because it appears to be the last place you can intercept the request before the redirect.

arootbeer 2010-10-07 19:56:44

@arootbeer: OMG! I can do soooooo much with this! Unhandled exceptions, session start.... why isn't this included in a new project by default!??

MAW74656 2010-10-07 20:00:01

Alright, so I can grab the data from controls in the original page, then redirect them to login page, then send them to the original page with the data as querystring or session variables.

MAW74656 2010-10-07 20:01:54

Possibly. I'd think it would be difficult to do with session, since the login page will be creating a new session. But you can put it *somewhere*, which will let you do what you want. As to why it's not included by default, well, it is. If you create a new web application, Global.asax is one of the files that's included. Maybe it was removed from your application because it wasn't used?

arootbeer 2010-10-07 20:06:01

No, I started the app from scratch, but since I've never used it before, I have no idea whether or not its been there. Your right, querystring would probably work better than session. I'll experiment and let you guys know!

MAW74656 2010-10-07 20:22:31

@arootbeer: Can you give an example of how to reference the controls (textbox, dropdownlist) from the sending page in Global.asax?

MAW74656 2010-10-08 19:41:46

You can't reference the controls; you'll have to deal with the `Form` data on the `sender`.

arootbeer 2010-10-08 20:03:24

Answer 3

A:

I'm going to try using cookies to preserve the data. My plan is to update the user's cookie after each control is changed, then add logic to the page_load property of the page to populate the form data after the user is logged back in.

MAW74656 2010-10-08 22:13:15

ansaurus

tags:

views:

answers:

C#.net webform, avoid losing data from session timeout

related questions