Thread was being aborted

E

enahar

Hi,

When I do the Login using the code below I am getting the
System.Thread.ThreadAbortException(Thread was being abortefd) on the last
line of the below code i.e.
Response.RedirectFormsAuthentication.GetRedirectUrluID,isPersistent));

there is no original URL, therefore it is returning Default.aspx.



I don't know why I am getting the above exception.





private void ButtonLogin_Click(object sender, System.EventArgs e)

{

string sessionID = "";

string uID = txtUsername.Text;

string pwd = txtPassword.Text;


bool isPersistent = false; try

{

ESMLoginResultEnum loginResult = ESMSecurityModule.Login(uID, pwd, out
sessionID);

string userData = sessionID;

switch(loginResult)

{

case ESMLoginResultEnum.OK:

{

FormsAuthenticationTicket ticket = new
FormsAuthenticationTicket(1,uID,System.DateTime.Now,System.DateTime.Now.AddMinutes(AUTH_TIMEOUT),isPersistent,userData,FormsAuthentication.FormsCookiePath);

// Encrypt the ticket.

string encTicket = FormsAuthentication.Encrypt(ticket);

HttpCookie cookie = new
HttpCookie(FormsAuthentication.FormsCookieName,encTicket);

cookie.Path = FormsAuthentication.FormsCookiePath;

// Create the cookie.

Response.Cookies.Add(cookie);

// Redirect back to original URL.

Response.Redirect(FormsAuthentication.GetRedirectUrl(uID,isPersistent));



break;

}

}

}

}



Regards,

Ekta
 
K

Karl Seguin

Enhar:
Response.Redirect("someUrl") always throws a threadAbort exception.
Response.Reidrect("someUrl") calls Response.Redirect("someUrl", true)
with true meaning "end the response". So Response.End() is called which
throws that exception.

If you want, you can avoid the error by doing Response.ReidrecT("someUrl",
false)

or you could swollow the exception in a try/catch

try{
Response.Redirect("someUrl")
}catch (ThreadAbortException ex){}

Karl
 
E

enahar

Hi,

Session is still not timing out when there is no activity by the user for 15
minutes.

My web.config settings are as below.
also in the login page for the ticket I am adding 15 minutes.


What is wrong i am doing it..


Regards,
Ekta




FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(

1,

uID,

System.DateTime.Now,

System.DateTime.Now.AddMinutes(15),

isPersistent,

userData,

FormsAuthentication.FormsCookiePath);

:



<?xml version="1.0" encoding="utf-8" ?>

<configuration>

<configSections>

<section name="AppConfiguration" type="PIT.ESH.Common.WebConfiguration,
PITSHCommon" />

</configSections>

<system.web>

<compilation defaultLanguage="c#" debug="true" />

<customErrors mode="RemoteOnly" />

<authentication mode="Forms">

<forms loginUrl="Security/Login.aspx" protection="All" timeout="2" path="/"
/>


</authentication>


<authorization>

<deny users="?" />

</authorization>

<trace enabled="true" requestLimit="10" pageOutput="false"
traceMode="SortByTime" localOnly="true" />

<sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user id=sa;password="
cookieless="false" timeout="2" />

<globalization

requestEncoding="utf-8"

responseEncoding="utf-8"

culture="en-AU"

uiCulture = "en-AU"

/>

</system.web>

<AppConfiguration>

<!-- Application Settings -->

<add key="Web.EnablePageCache" value="true" />

<add key="Web.PageCacheExpiresInSeconds" value="3600" />

<add key="Web.EnableSsl" value="False" />

<add key="DB.ConnectionString" value="Data Source=DEVTEST-SQL1;User
ID=sa;Password=;Initial Catalog=Genesis2" />

<add key="Copyright.Message" value="© 2001-04 Positive IT Solutions Pty
Ltd." />

<add key="Copyright.EMail" value="" />

</AppConfiguration>

<appSettings>

<add key="Copyright.EMail" value="(e-mail address removed)" />

</appSettings>

<system.runtime.remoting>

<application>

</application>

</system.runtime.remoting>

<location path="default.aspx">

<system.web>

<authorization>

<allow users="?" />

</authorization>

</system.web>

</location>

<location path="Security">

<system.web>

<authorization>

<allow users="?" />

</authorization>

</system.web>

</location>

<location path="Public">

<system.web>

<authorization>

<allow users="*" />

</authorization>

</system.web>

</location>

</configuration>
 
S

Scott Allen

Hi,

Session is still not timing out when there is no activity by the user for 15
minutes.

My web.config settings are as below.
also in the login page for the ticket I am adding 15 minutes.


What is wrong i am doing it..


Regards,
Ekta
Click to expand...

Hi Etka:

Are you testing the Session timeout or the forms authentication ticket
timeout?
 
E

enahar

I am writing the following code in the web.config file and the Login.aspx.cs
for the sessiopn TimeOut and for the forms authentication ticket timeout.

Also I am writing the following code in the Body tag of the Login.aspx page

<meta http-equiv="Refresh" URL="../Security/Login.aspx>

even then Session is still not timing out when there is no activity by the
user for 15 minutes.What is wrong I am doing it.Please suggest.





code in the session_end is as follows:
protected void Session_End(Object sender, EventArgs e)

{

FormsAuthentication.SignOut();

if (Session["SessionID"] != null)

{

try

{

ESMSecurityModule.killSession(Session["SessionID"].ToString());

}

catch

{

}

}

}


WEB.CONFIG

<authentication mode="Forms">

<forms loginUrl="../Security/Login.aspx" protection="All" timeout="15"
path="/" />


</authentication>



and for the forms authentication ticket TimeOut I am writing the following
code in the Login.aspx page:



LOGIN.ASPX PAGE

FormsAuthenticationTicket ticket = new
FormsAuthenticationTicket(1,uID,System.DateTime.Now,System.DateTime.Now.AddMinutes(15),false,userData,FormsAuthentication.FormsCookiePath);

// Encrypt the ticket.

string encTicket = FormsAuthentication.Encrypt(ticket);

HttpCookie cookie = new
HttpCookie(FormsAuthentication.FormsCookieName,encTicket);

cookie.Path = FormsAuthentication.FormsCookiePath;

// Create the cookie.

Response.Cookies.Add(cookie);

// Redirect back to original URL.

Response.Redirect(FormsAuthentication.GetRedirectUrl(uID,isPersistent),false);







Regards,

Ekta
 
S

Scott Allen

Hi enahar:

Don't relay on the Session_End event. Have you tested by hitting the
site with the browser after over 15 minutes of inactivity?
 
E

Ekta Agarwal

Yes I have tested by hitting the
site with the browser after over 15 minutes of inactivity?

Regards
Ekta
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Login security for a form 11
:o( .... Client not redirected to login page. 5
FormsAuthentication.SignOut() not working when manually creatinga ticket? 3
Form-based Authentication 2
Hash Passwords 1
Authorization cookie not valid for subdomains ? 2
cookie lost when browing with Windows Explorer 1
Users are timing out, even while they work 6

Top