Controlling Browser Session Timeout

The content for today’s post was contributed by Jonathan Greenstreet, ASNA Europe Regional Manager UK/Ireland/Netherlands/Scandinavia/South Africa.

ASNA offers products and technologies that will transform the green screen user interface, of RPG based applications running on the IBM i server, into a browser based graphical user interface. One of the challenges of modernizing and migrating the user interface is to make the migration as seamless as possible for the legacy end user community. ASNA has been resolving these challenges for many years with a combination of innovative products, technologies and professional services.

In today’s post Jonathan offers a very simple and effective way of controlling browser session timeout duration, so that the modernized user interface behaves in a way that legacy application users are familiar and comfortable with.

How to stop the browser from timing out with iFrame or jQuery

To enable the browser not to time out when it is inactive and to enable the server to close down the session soon after the browser has been closed.

Reason for requirements
The default session timeout for Internet Information Server (IIS) is 20 minutes. Although this is normally fine for a typical web application it is not the expected behavior that a traditional 5250 user expects.

A 5250 user expects the application to be available while the browser is open and for the connection to be freed up as soon as the web browser is closed.

Although it is possible in some browsers using JavaScript to detect when they close down, it is not a reliable way to ensure the closing of a session in a timely manner.

Alternative approaches and problems they can cause
The session timeout time can be increased or decreased, by adjusting the time (in minutes) for the sessionState in the web.config file of the project.

The problem with having a long timeout set is that, if the browser is closed while in the application and no notification is sent to IIS about this, the session will remain open for the duration of its set timeout. This can cause problems if database connections are left open and file locks are retained, it will also not allow other resources to be released until the session ends.

The problem with having a short timeout set is that the user has to continually interact with the application to keep their session active and prevent it from timing out. This is the opposite of what a user coming from a 5250 environment expects.

Both the following solutions allow you to set the sessionState timeout to its lowest value of 1 minute and allow the application without user interaction to notify IIS that the session should still remain open.

The limitation with both of these solutions is that the session may remain active for a least a minute after the browser has been closed.

Solution 1: iFrame
Create a new aspx page in the project for the browser to communicate with. The page does not need to have code placed in a separate file.

The page can be extremely simple. In the example below I have created a page “Reconnect.aspx” in the root of the directory.

The language could also be C# or VB.

Ensures that the page is never cashed and a new one is delivered every time

Allows the page to be refreshed at required intervals. We have set this to 55 seconds so that it is less than the 60 seconds at which the session timeout is set.

Returns the path relative to the current page. This is very important if you want to use a cookie less environment.

In all the application pages or, better yet, in the master pages add the following iFrame

Finally to ensure the session is set to timeout after 1 minute set the timeout for the sessionState to 1 minute

Solution 2: jQuery
Ensure that your pages or master pages that are required not to time out have the jQuery .js available to them.

Create a new page. In the example below I have created a page “Reconnect.aspx” in the root of the directory.

Add the following JavaScript to the required pages of master pages;

Finally to ensure the session is set to timeout after 1 minute set the timeout for the sessionState to 1 minute

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">