CODEWITHSUNDEEP
javascriptajaxsessionasp-classiciis-7.5
BumbleShrimp
BumbleShrimp

Reputation: 2200

ASP(classic)/IIS 7.5 - Can you check if Session has timed out without refreshing the session?

I'm working on an ASP classic application running on IIS 7.5. I am attempting to throw a popup overlay over the user's window if their session has timed out without them ever having to interact with the machine (for instance if they walk away from the machine and forget about it, I want this popup to be waiting for them when they get back).

I have implemented a background setInverval function that uses jQuery to send an ajax request to a page on my server named ajax-check-session.asp.

ajax-check-session.asp does nothing but check if the session still exists or not, and Response.Write a 1 or 0 respectively.

The session checking works, I can log out from a different tab and the pop-up will show up in any other tabs that were using that session. However, if I just leave the tab alone for 20 minutes (the Session.Timeout value), the pop-up never shows up. I'm assuming this is because the ajax request to ajax-check-session.asp is refreshing the session every 3 seconds so that it will never time out.

Here's the code for ajax-check-session.asp: 

<%Option Explicit 

Response.Write LoggedIn()


Function LoggedIn 
    Dim strUsername
    strUsername = Session("username")

    If strUsername = "" Or isNull(strUsername) Then
        LoggedIn = 0
    Else
        LoggedIn = 1 
    End If 

End Function 

%>

Does anyone know if accessing this page every 3 seconds is, in fact, the reason my session won't time out? If so, do you have any suggestions for alternative techniques to accomplish my goal, or a fix to my code/server that will allow this page to not refresh session?

I have attempted using <%@EnableSessionState=False%> on this page, but I can't think of a way to still check if the session has expired with this set to false, as this seems to revoke access to Session entirely.

Upvotes: 1

Views: 891

Answers (1)

Rafael
Rafael

Reputation: 3111

it's correct when you calling Session("username") in fact you are refreshing the Session Object itself, because that you will never see the popup.

an alternative is to use the Global.ASA file to implement a the functions Session_OnStart and Session_OnEnd to store the SessionID and the date/time when it was created in a database, and your script can check the records.

you can use both function to insert and delete the session info from the table.

Global.Asa Sintax (MSDN)

Upvotes: 1

Related Questions