basePageSessionExpire.cs

 

 public class basePageSessionExpire : System.Web.UI.Page

 {

    public basePageSessionExpire()

    {

    }





  override protected void OnInit(EventArgs e)

  {

       base.OnInit(e);





   //It appears from testing that the Request and Response both share the 

   // same cookie collection.  If I set a cookie myself in the Reponse, it is 

   // also immediately visible to the Request collection.  This just means that 

   // since the ASP.Net_SessionID is set in the Session HTTPModule (which 

   // has already run), thatwe can't use our own code to see if the cookie was 

   // actually sent by the agent with the request using the collection. Check if 

   // the given page supports session or not (this tested as reliable indicator 

   // if EnableSessionState is true), should not care about a page that does 

   // not need session

   if (Context.Session != null)

   {

    //Tested and the IsNewSession is more advanced then simply checking if 

   // a cookie is present, it does take into account a session timeout, because 

   // I tested a timeout and it did show as a new session

    if (Session.IsNewSession)

    {

     // If it says it is a new session, but an existing cookie exists, then it must 

   // have timed out (can't use the cookie collection because even on first 

   // request it already contains the cookie (request and response

     // seem to share the collection)

     string szCookieHeader = Request.Headers["Cookie"];

     if ((null != szCookieHeader) && (szCookieHeader.IndexOf("ASP.NET_SessionId") >= 0))

     {

      Response.Redirect("sessionTimeout.htm");

     }  

    } 

   }

  }

}

 

sessionTimeout.htm

http://aspalliance.com/520_Detecting_ASPNET_Session_Timeouts.all