Session Timeout Question

[dvannoy]

I need some info on how to handle session time outs on web forms.

So, I have the following code on each one of my pages form load event;

If Not IsPostBack Then

            If Session("User") IsNot Nothing AndAlso Session("Group") IsNot Nothing Then
                ' let them access the page.
               My User and Group code Here

            Else
                'clear the cache and  redirect back to login page.
                Response.Cache.SetExpires(DateTime.UtcNow.AddMinutes(-1))
                Response.Cache.SetCacheability(HttpCacheability.NoCache)
                Response.Cache.SetNoStore()
                Session.Abandon()
                Response.Redirect("~/Expired.aspx")
            End If
End If

Now, as you can see this just handles the page load event. Sometimes this doesn't seem to work correctly. meaning sometimes if a session expires I get the yellow asp.net error page instead if the Response.Redirect("~/Expired.aspx")

Just looking for thoughts on how to handle expired sessions with a redirect back to login. Maybe not putting the code in the page load event ??

any help would be appreciated

thanks

 

[jbenson001]

Doing it your way would be lots of repetitive code. This should be done using your web.config in the <authentication> and <sessionState> nodes.

https://msdn.microsoft.com/en-us/library/532aee0e(v=vs.80).aspx

https://msdn.microsoft.com/en-us/library/h6bb9cz9(vs.80).aspx