ASP.NET Push Redirect on Session Timeout
I\'m looking for a tutorial, blog entry, or some help on the technique behind websites that automatically push users (ie without a postback) when the session expires. Any h
-
I'm using MVC3 ASp.net as beginner, I tried many solution to solve my session problem ( since i'm using Session variable in my code, and after timeout i didn't have session values while i'm keep using it And I just find that my problem was in config file. the timeout between Authentication and sessionState should be so close. so they Killed (empty) at the same time // add timeout 1 and 2 for testing.. it's should be at least 29 and 30
I used others way it's work too :
Starting from :
protected void Session_Start(object src, EventArgs e) { if (Context.Session != null) { if (Context.Session.IsNewSession)//|| Context.Session.Count==0) { string sCookieHeader = Request.Headers["Cookie"]; if ((null != sCookieHeader) && (sCookieHeader.IndexOf("ASP.NET_SessionId") >= 0)) { //if (Request.IsAuthenticated) FormsAuthentication.SignOut(); Response.Redirect("/Account/LogOn"); } } } } protected void Session_End(object sender, EventArgs e) { //Code that runs when a session ends. //Note: The Session_End event is raised only when the sessionstate mode //is set to InProc in the Web.config file. If session mode is set to StateServer //or SQLServer, the event is not raised. Session.Clear(); }And :
public class SessionExpireFilterAttribute : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { HttpContext ctx = HttpContext.Current; // check if session is supported if (ctx.Session != null) { // check if a new session id was generated if (ctx.Session.IsNewSession) { // If it says it is a new session, but an existing cookie exists, then it must // have timed out string sessionCookie = ctx.Request.Headers["Cookie"]; if ((null != sessionCookie) && (sessionCookie.IndexOf("ASP.NET_SessionId") >= 0)) { ctx.Response.Redirect("~/Home/LogOn"); } } } base.OnActionExecuting(filterContext); } }And even worked with Ajax to solve session issuse:
protected override void OnActionExecuting(ActionExecutingContext filterContext) { if (Session.Count == 0 || Session["CouncilID"] == null) Response.Redirect("/Account/LogOn"); if (Request.IsAjaxRequest() && (!Request.IsAuthenticated || User == null)) { filterContext.RequestContext.HttpContext.Response.StatusCode = 401; } else { base.OnActionExecuting(filterContext); } } [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)] public class AuthorizeUserAttribute : AuthorizeAttribute { protected override bool AuthorizeCore(HttpContextBase httpContext) { if (!httpContext.Request.IsAjaxRequest()) {//validate http request. if (!httpContext.Request.IsAuthenticated || httpContext.Session["User"] == null) { FormsAuthentication.SignOut(); httpContext.Response.Redirect("~/?returnurl=" + httpContext.Request.Url.ToString()); return false; } } return true; } protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) { if (filterContext.HttpContext.Request.IsAjaxRequest()) { filterContext.Result = new JsonResult { Data = new { // put whatever data you want which will be sent // to the client message = "sorry, but you were logged out" }, JsonRequestBehavior = JsonRequestBehavior.AllowGet }; } else { base.HandleUnauthorizedRequest(filterContext); } } }
加载中...
- 热议问题