Authentication/Automatic redirection question

  • Thread starter Thread starter David Kleyman
  • Start date Start date
D

David Kleyman

Hello

I would like to find out if there is a way to SignOut() the user and
redirect the browser back to login page after time out period expired

I've added these settings to my web.config file but they don't seem to take
any effect

<authentication mode="Forms">

<forms name="frmLogin.aspx" loginUrl="/frmLogout.aspx?timeout=1" timeout="1"
slidingExpiration="true" requireSSL = "false"></forms>

</authentication>

I know that there is a "refresh" metatag that I can use like this one

<meta http-equiv="refresh" content="30; url=frmLogout.aspx?timeout=1">

but that refreshes the page no matter if the users actively typing something
into the textboxes on the page or if they are idle.

Is there something I can do to accomplish this?

Thank you

David
 
It'll have to be done on the client side, because there is no way you can
control their browser like that on the server side, unless you handle this
through page transitions.

You should be able to write some javascript that runs the timer (which would
be a stored time in the system), then for the page any
onClick/onMouseOver/etc on controls would reset this timer (put the current
time). If the timer exceeds what you want, you change the page on them.

You'd have to have a javascript function running in the background the whole
time, don't know what that would do as far as client performance, and they
may not like having their page redirected because they read over the form
real well but didn't move the mouse or hit a key.
 
David,
If a user's forms authentication cookie has expired, the next time they try
to access a protected resource, they will be signed out and automatically
taken to the login page. Does that help?
 
Not really

I need page to be redirected automatically after timeout expires

Also
what's the difference between using Response.redirect("page.aspx") and
Server.transfer("page.aspx")?
if I use Server.transfer request does not stay authenticated between the
page navigations
Request.IsAuthenticated returns false on the next page

Thank you

David

David
 
Back
Top