Prompt for Username/password on session time out

[Guest]

Hi,
I have a Web application with Windows authentication.
I have set a timeout of 20 minutes.

Once the application is opened from the client with the local system login,
IE prompts for user name and password. I give a valid domain account name and
password and the application works fine.

When the session timeout happens is it possible to prompt the user for user
name and password again (as if the session starts afresh)?

Thanks

 

[Mark Rae]

When the session timeout happens is it possible to prompt the user for user
name and password again (as if the session starts afresh)?

1) When the user successfully logs in initially, create a session variable
called "LoggedIn".

2) In the Page_Load of each page, check for Session["LoggedIn"]. If it's
there, proceed as normal. If it's not, do a Response.Redirect to your login
page passing a querystring e.g. Response.Redirect("login.aspx?Timeout=true")

3) In the Page_Load of your login page, check for the presence of
Request.Querystring["Timeout"]. If it's there and its value is true, inform
the user that their session has timed out and that they need to log in
again.

4) Once they've successfully logged in again, redirect them to the page they
were actually trying to get to:
Response.Redirect(Request.ServerVariables["HTTP_REFERER"])