ASP.NET - How To Show A Popup Warning Before Session Timeout

in XAF integrated?

Very helpful. Thanks, Mehul!

I liked it :)

This solution assumes that each user will use only one client window at a time on the web application , no ? Do you think it's possible to implement a "simple" solution that would work with several windows opened at the same time (sharing the same session) by a single user ? Thanks !

In a Master Page project ... would it be wyse to instantiate the TimeoutControl.ascx in the master page ?

Is there equivalent code as Razor partial page? And can this be incorporated in common view layout page (similar to above question into master page).

Mehul, thanks for providing example in MVC. I tried to incorporate your example into my project but the popup control does not display correctly. My DevExpress version is 10.2 and your example is DevExpress version 11.1. Do I need to upgrade DevExpress version again? It looks like Popup Control support has changed.

Also can I incorporate this feature into _Layout.cshtml so it will apply to all pages and only render TimeoutPartial when request is authenticated as it only makes sense to show timeout if user has logged in.

this Code is good.

but when i use UserControl  popup control and timeout popup is display same time, if i want session live then i click ok button then previous popup control client side validation create static to increment session how can solve this problem..

When several window is opened at same time I use the array to store the handle to opened windows.

Now what to do so that popup appears on top most window.

Hi Mehul,

This won't work in a Web Application as I can now fully attest to. After several  hours trying I found this posting:

In the How to control state when the Session is being expired and prolong it on demand example the solution is posted in the "Web Site project" format, but you are using the "Web Application Project". Web Site projects support the placing of the server-side code in the page markup, but the Web Application project does not support this. Please refer to the Web Application Projects versus Web Site Projects in Visual Studio article for more information regarding this.

To make your application work correctly move all server-side code from your control's markup to the code behind file (TimeOutControl.aspx.vb).

I've asked if they can provide a sample for Web Applications in C# - perhaps a link on this post might be a good idea as well.

Merry Christmas ...

Hi!

I've integrated this pop into my MasterPage project and it works fine, except that the countdown isn't shown. But the redirect is done as expected.

Any idea?

Thx,

Rich

Hi Im trying to implement this solution to my aplication but when I test the project I get multiple javascript messages from VS2012

for example:

0x800a1391 - Runtime Error in Microsoft BLOCKED SCRIPT 'aspxAddHoverItems' is undefined

in line 201 aspxAddHoverItems('TimeoutControl_TimeoutPop......etc')

Hi all,

I have found a workaround to implement this solutions to work for multiple tabs (sharing the same session) by a single user.

Only thing we need to do is, create a Cookie while the user logs in and check that Cookie in the following places,

var showPopup = function() {            

_timeLeft = 60;            

var userid=ASPxClientUtils.GetCookie("LoggedInUser");

if(userid == null)

{

updateCountDown();            

ClientTimeoutPopup.Show();        

}

};

var updateCountDown = function() {

          var min = Math.floor(_timeLeft / 60);

           var sec = _timeLeft % 60;

           if(sec < 10)

               sec = "0" + sec;

           document.getElementById("CountDownHolder").innerHTML = min + ":" + sec;

           if(_timeLeft > 0) {

               _timeLeft--;

               _countDownTimer = window.setTimeout(updateCountDown, 1000);

           } else  {  

               //ASPxClientUtils.SetCookie("userid",null,new Date());  

               //ASPxClientUtils.DeleteCookie("userid");  

               var userid=ASPxClientUtils.GetCookie("LoggedInUser");

               if(userid == null)

               {

                   document.getElementById("<%=btnlogout.ClientID %>").click();

               }

               else

               {

                   sendKeepAlive();

               }

           }            

       };

As per my example I have created a cookie with name "LoggedInUser".

Also we need to do another thing to make the above code work, created a class (.cs) file which inherits the System.Web.UI.Page class and implement the following code in it.

public partial class BasePage : System.Web.UI.Page

{

   protected void Page_PreInit(object sender, EventArgs e)

   {

        if (Session["userid"] != null)

       {

             if (Request.Cookies["LoggedInUser"] != null)

           {

               HttpCookie LoggedInUser = Request.Cookies["LoggedInUser"];

               LoggedInUser.Value = Convert.ToString(Session["userid"]);

               LoggedInUser.Expires = sessionTimeout;

               Response.AppendCookie(LoggedInUser);

           }

           else

           {

               HttpCookie LoggedInUser = new HttpCookie("LoggedInUser");

               LoggedInUser.Value = Convert.ToString(Session["userid"]);

               LoggedInUser.Expires = sessionTimeout;

               Response.AppendCookie(LoggedInUser);

           }

       }

   }

}

So finally we need to inherit this BasePage class in all the .aspx pages in your web application.

I hope this solution will be helpful to you all. At once I found the solution I have posted this is comment and happy it would help someone.

Happy programming..

Hi Mehul,

You are welcome, everything is working fine except one thing. What will happen if session timeout value is less than the PopupShowDelay, the popup is not at all showing but the session got timedout.

For example I have ket the PopupShowDelay=50 mintues and the session timeout is default ie. 20 minutes. What is happening is the session got timedout in 20 minutes and popup never pops up.

So for this shall i set the PopupShowDelay and the Session timeout to same value?

Please help me with a suggestion.

Using document.location is problematic. Use window.location instead. When browser is minimized and not in focus, usage of document.location doesn't render the page. Check out my ticket to DevEx. www.devexpress.com/.../focus-answer-a29bf533-d2a5-11e2-9b11-005056c00008

Nice article.

There is one thing to keep in mind when you work with FormsAuthentication

(SlidingExpiration resets the expiration time for a valid authentication cookie

if a request is made and more than half of the timeout interval has elapsed)

Example:

a) Session timeout 5 minutes

b) FormsAuthentication timeout 5 minutes ( With SlidingExpiration)

Say you load a page on 12:00 and decide to navigate to another page on 12:01 the Session.Timeout will state 5 minutes but the FormsAuthenticationTicket.Expiration will state 4 minutes

because the ticket is not renewed due to the fact that more than the half of the timeout is still available.

If you would do nothing on the page and rely on the Session.Timeout the popup will shown to late and continue the session will not work because you are not authorized anymore. So

it's better to use the FormsAuthentication.Expiration.

There you could do FormsAuthentication.Expiration - DateTime.Now from that you can return the TotalMilliseconds - 60000 ( one minute ). In some cases more time could be required for session end processing.

How can I make a timeout notification like this using the Identity Framework that uses OWIN cookie authentication??