How to check session upon start in masterpage or in global.asax?

As such, your strategy looks OK to me but I would have preferred a different implementation: Use an abstract class derived from System.Web.UI. Page as a base class for all pages. Let's say we call this class as a BasePage Add a virtual method such as IsRefreshHeaderNeeded the default implementation will return true.

The method will be invoked in PreRender stage of BasePage to add actual refresh header in response In SessionExpired page IsRefreshHeaderNeeded will be overridden to return false. (Similar can be needed in pages such as login or pages that don't need session support) Refresh header/meta to redirect to login page will be added in SessionExpired page itself (really its a logic within the page, why to put it at global place). SessionExpired page would of course have link for use to manually navigate to login page (in case redirect does not work) Master page is a content template and I prefer to have only logic related that that content within the master page Yet another strategy is not to use client side refresh for session expiry but rather do it from server side when you dictates that current session has expired when user visits the site back.

Extending further, you may even have implementation that save critical session data into database so that you can reconstruct the session and from user experience perspective, there will be no session expiry.

As such, your strategy looks OK to me but I would have preferred a different implementation: Use an abstract class derived from System.Web.UI. Page as a base class for all pages. Let's say we call this class as a BasePage.

Add a virtual method such as IsRefreshHeaderNeeded - the default implementation will return true. The method will be invoked in PreRender stage of BasePage to add actual refresh header in response. In SessionExpired page, IsRefreshHeaderNeeded will be overridden to return false.(Similar can be needed in pages such as login or pages that don't need session support).

Refresh header/meta to redirect to login page will be added in SessionExpired page itself (really its a logic within the page, why to put it at global place). SessionExpired page would of course have link for use to manually navigate to login page (in case redirect does not work). Master page is a content template and I prefer to have only logic related that that content within the master page.

Yet another strategy is not to use client side refresh for session expiry but rather do it from server side when you dictates that current session has expired when user visits the site back. Extending further, you may even have implementation that save critical session data into database so that you can reconstruct the session and from user experience perspective, there will be no session expiry.

You can clear a session manually by calling Session.Abandon(); System.Web.Security. FormsAuthentication. RedirectToLoginPage(); About the session expiration: Execute this code somewhere (like VinayC suggested, MasterPage or in a class derived from System.Web.UI.

Page that serves as a baseclass for all your content pages (meaning change the derivation from System.Web.UI. Page in all you codebehind files from the aspx pages into the derivation of your custom class) if (Request.Url.AbsolutePath. EndsWith("SessionExpired.

Aspx", StringComparison. InvariantCultureIgnoreCase)) { // your html redirect code here } else Response. Redirect("~/Public/SessionExpired.

Aspx").

In SessionExpired page, IsRefreshHeaderNeeded will be overridden to return false. (Similar can be needed in pages such as login or pages that don't need session support). Refresh header/meta to redirect to login page will be added in SessionExpired page itself (really its a logic within the page, why to put it at global place).

SessionExpired page would of course have link for use to manually navigate to login page (in case redirect does not work). Master page is a content template and I prefer to have only logic related that that content within the master page. Yet another strategy is not to use client side refresh for session expiry but rather do it from server side when you dictates that current session has expired when user visits the site back.

Extending further, you may even have implementation that save critical session data into database so that you can reconstruct the session and from user experience perspective, there will be no session expiry.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.

Related Questions