会话到期时重定向到登录页面. [英] Redirect to login page when the Session is Expired.

问题描述

在登录页面中创建会话.

Creating Session in login page.

Session["Id"] = txtid.Text;
                 Session["User_type"] = ddlutype.Text;  //drop down of User type
                 Session["Password"] = txtpassword.Text;

按一下按钮登出

选项1:

On Button SignOut

Option 1:

Session.clear();
if (!IsPostBack)
    {
           if (Session["Id"] == null)
          {
              Response.Redirect("login.aspx");
          }
    }

选项2:

Option 2:

Session.Clear();
Session.Abandon();
Response.Redirect("login.aspx");

他们中的任何一个都不起作用...
帮助!!!!!!!

Either of them is Not Working...
Help !!!!!!!

推荐答案

看看Sandeeps"一文，描述了浏览器问题

注销后浏览器后退按钮问题 [
如果您尝试在这种情况下单击，通过将页面标记为不可缓存，您仍将被定向到身份验证页面.再次，正如克里斯蒂安所说的那样，只有当您通过让页面发出HTTP请求(例如回发)来指示代码时，代码才会运行.您可能会运行精美的javascript，它会轮询有效的会话并在找不到会话时将您重定向，但我看不到这一点.上面的情况对我来说是预期的行为"

Have a look at Sandeeps'' article which describes the browser issue

Browser back button issue after logout[^]

As Christian has said, you need to set the pages you don''t want the user to be able to navigate to after the session has expired to not be cacheable

Imagine the scenario - you''re on a page that requires a session. You go to lunch and the session expires. When you come back, the page is still visible but when you try to do anything you will be directed to the authentication page with a ''return URL'' that is the page you were redirected from. You authenticate again, acquire a new session and are redirected to the ''return URL''

If you tried to click back in this scenario, by marking pages as not cacheable you would still be directed to the authentication page. Again, as Christian has said - code will only run when you instruct it to by having the page make an HTTP request (e.g. a postback). You could have fancy javascript running that polls for a valid session and redirects you when it can''t find one, but I don''t see the point in this. The above scenario is ''expected behaviour'' for me

这肯定可以工作

使用

This will surely work

use

Session.Abandon();

使会话过期

和

在global.asax.cs中找到您的重定向代码.
像这样的东西:

to expire the session

and

Wite your redirection code in global.asax.cs.
somethink like :

protected void Session_End(Object sender, EventArgs e) { Response.Redirect("redirect.aspx"); }

希望对您有所帮助:)

hope this helps :)

不起作用"是什么意思?重定向不会神奇地发生，因为您的代码要等到您要求时才能运行.最好的选择是，当您知道会话将超时时，将运行一个js计时器，但是您希望使用后端代码对其进行备份，因此无法完全同步.您的代码确实很糟糕，永远不要以自由格式使用会话密钥，如果您在一端输入Id并在另一端输入ID怎么办?使用静态类定义这些字符串，以便对其进行强类型化.

What does ''not working'' mean ? Your redirect won''t magically happen, because your code does not run until you ask it to. Your best bet there, is a js timer that runs when you know your session would time out, but you''d want to back that up with back end code, you have no way to synch it exactly. Your code is really poor, you should never use session keys in a free form manner, what if you typed Id on one end and ID on the other ? Use a static class to define these strings, so they are strongly typed.

这篇关于会话到期时重定向到登录页面.的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！