Check session object?

[LL]

Hi,

Where is the best place to check the session's object, if it's null, then
redirect the user to login page?

put into every page's load event?

Thanks.

 

[Nicholas Paldino [.NET/C# MVP]]

LL,

There will always be a session object available to you (or at least,
there should be). The best way to do this would be to set up the web.config
file to deny any unauthorized users. Basically, you place a <deny
users="?"> element in the <authorization> section and it will redirect
unauthorized users to the login page that you specify.

Check out the section of the .NET framework titled "Forms Authentication
Provider", located at (watch for line wrap):

http://msdn.microsoft.com/library/d...html/cpconthecookieauthenticationprovider.asp

Hope this helps.

 

[LL]

Thanks Nicholas.

I use "Form Auth" to login. and I still need to store some info in the
Session["xx"] for other pages. How to deal the case: if session expire.

Object reference not set to an instance of an object.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.NullReferenceException: Object reference not set
to an instance of an object.

Source Error:


Line 378: StateIndex["ON"] = 7;
Line 379:
Line 380: if (Session["Lever"] == null)
Line 381: {
Line 382: Response.Redirect("login.aspx");


Source File: c:\project\Test\admin.aspx.cs Line: 380

LL,

There will always be a session object available to you (or at least,
there should be). The best way to do this would be to set up the web.config
file to deny any unauthorized users. Basically, you place a <deny
users="?"> element in the <authorization> section and it will redirect
unauthorized users to the login page that you specify.

Check out the section of the .NET framework titled "Forms Authentication
Provider", located at (watch for line wrap):

http://msdn.microsoft.com/library/d...html/cpconthecookieauthenticationprovider.asp

Hope this helps.

--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi,

Where is the best place to check the session's object, if it's null, then
redirect the user to login page?

put into every page's load event?

Thanks.

 

[Ignacio Machin \( .NET/ C# MVP \)]

Hi LL,

You should always check the session's objects for null before doing
anything with it, if it's null either the previous session expired or the
object has not been created yet.



Cheers,

--
Ignacio Machin,
ignacio.machin AT dot.state.fl.us
Florida Department Of Transportation

Thanks Nicholas.

I use "Form Auth" to login. and I still need to store some info in the
Session["xx"] for other pages. How to deal the case: if session expire.

Object reference not set to an instance of an object.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.NullReferenceException: Object reference not set
to an instance of an object.

Source Error:


Line 378: StateIndex["ON"] = 7;
Line 379:
Line 380: if (Session["Lever"] == null)
Line 381: {
Line 382: Response.Redirect("login.aspx");


Source File: c:\project\Test\admin.aspx.cs Line: 380



message news:[email protected]...

LL,

There will always be a session object available to you (or at least,
there should be). The best way to do this would be to set up the web.config
file to deny any unauthorized users. Basically, you place a <deny
users="?"> element in the <authorization> section and it will redirect
unauthorized users to the login page that you specify.

Check out the section of the .NET framework titled "Forms Authentication
Provider", located at (watch for line wrap):

http://msdn.microsoft.com/library/d...html/cpconthecookieauthenticationprovider.asp

Hope this helps.

--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi,

Where is the best place to check the session's object, if it's null, then
redirect the user to login page?

put into every page's load event?

Thanks.

 

[LL]

Thanks Ignacio.

How to check?
Using this one:
if (Session["Lever"] == null)?

Hi LL,

You should always check the session's objects for null before doing
anything with it, if it's null either the previous session expired or the
object has not been created yet.



Cheers,

--
Ignacio Machin,
ignacio.machin AT dot.state.fl.us
Florida Department Of Transportation

Thanks Nicholas.

I use "Form Auth" to login. and I still need to store some info in the
Session["xx"] for other pages. How to deal the case: if session expire.

Object reference not set to an instance of an object.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.NullReferenceException: Object reference not set
to an instance of an object.

Source Error:


Line 378: StateIndex["ON"] = 7;
Line 379:
Line 380: if (Session["Lever"] == null)
Line 381: {
Line 382: Response.Redirect("login.aspx");


Source File: c:\project\Test\admin.aspx.cs Line: 380



message news:[email protected]...

LL,

There will always be a session object available to you (or at least,
there should be). The best way to do this would be to set up the web.config
file to deny any unauthorized users. Basically, you place a <deny
users="?"> element in the <authorization> section and it will redirect
unauthorized users to the login page that you specify.

Check out the section of the .NET framework titled "Forms Authentication
Provider", located at (watch for line wrap):

http://msdn.microsoft.com/library/d...html/cpconthecookieauthenticationprovider.asp

Hope this helps.

--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi,

Where is the best place to check the session's object, if it's null, then
redirect the user to login page?

put into every page's load event?

Thanks.

 

[Ignacio Machin \( .NET/ C# MVP \)]

Hi,

Yep, that will work

Cheers,

--
Ignacio Machin,
ignacio.machin AT dot.state.fl.us
Florida Department Of Transportation

Thanks Ignacio.

How to check?
Using this one:
if (Session["Lever"] == null)?

"Ignacio Machin ( .NET/ C# MVP )" <ignacio.machin AT dot.state.fl.us> wrote
in message news:[email protected]...

Hi LL,

You should always check the session's objects for null before doing
anything with it, if it's null either the previous session expired or the
object has not been created yet.



Cheers,

--
Ignacio Machin,
ignacio.machin AT dot.state.fl.us
Florida Department Of Transportation

Thanks Nicholas.

I use "Form Auth" to login. and I still need to store some info in the
Session["xx"] for other pages. How to deal the case: if session expire.

Object reference not set to an instance of an object.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.NullReferenceException: Object reference not set
to an instance of an object.

Source Error:


Line 378: StateIndex["ON"] = 7;
Line 379:
Line 380: if (Session["Lever"] == null)
Line 381: {
Line 382: Response.Redirect("login.aspx");


Source File: c:\project\Test\admin.aspx.cs Line: 380



"Nicholas Paldino [.NET/C# MVP]" <[email protected]>

wrote
in

message LL,

There will always be a session object available to you (or at least,
there should be). The best way to do this would be to set up the
web.config
file to deny any unauthorized users. Basically, you place a <deny
users="?"> element in the <authorization> section and it will redirect
unauthorized users to the login page that you specify.

Check out the section of the .NET framework titled "Forms
Authentication
Provider", located at (watch for line wrap):

http://msdn.microsoft.com/library/d...html/cpconthecookieauthenticationprovider.asp

Hope this helps.

--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi,

Where is the best place to check the session's object, if it's null,
then
redirect the user to login page?

put into every page's load event?

Thanks.