Discuss "Maintaining Form Data after forms authentication timeout" in the .Net Development forum.

I'm using forms authentication on my site to validate users.

When a user is timed out and redirected to the login screen, I want to be able to save the form data from the page they were on and retrieve it when they log back in and are redirected back to that page.

For instance, let's say the user is writing an email and then has to take a phone call. When they return to the site, they complete the email and click send. But whilst on the phone they were timed out and so they are redirected to the login screen. What I want to do is save the details they had in the email and then populate this back into the email form when they log back in.

In classic ASP I used to save the form details in a number of session variables before checking if the user was timed out. I was then able to retrieve these details when the user logged back in.

Any ideas how I can do this in .NET?

Depending on security protocols, you can do a few different things.

One option is to use AJAX to auto-save form content to a database over time.

Another option is to use an iframe that reloads a few minutes before the session expires, thus keeping the session alive while a user is on that page.

Also, there is something in the UI Application block with a configured persistence layer. However, I don't know much about this, so this would require some research.

__________________
jmurrayhead
If you agree with me... click the icon!
If my post solved your problem, click the button in the lower right-hand corner of the post.

Join our Folding team: DeveloperBarn Folding

Is there anyway of "catching" the forms authentication before it redirects to the login page?

As in my classic ASP example. If I can establish when the authentication/timeout occurs, perhaps I can add something before this to save the form data to session/cookie variables.

Might do some testing with the page events to see if I can grab the data before it authenticates.

Well, if you know what the session timeout is, that should be easy to do with AJAX. Just before the session times out, grab the form data and save it to a cookie. Not sure a session would work for you seeing as the session is about to timeout.

Problem is what if, for example, the user leaves the computer for an hour, then types a whole load of text in the email?

I'd only have the info saved from when the session timed out, not the whole text that they'd typed.

As long as I can grab the data before it redirects, I can then just save it into a cookie.

How do you stop a page from processing? Can you just put response.end?
If I'm testing it, I want to try and see if I can put code in different page events to prevent the redirect.

I have an update panel on the page and the update progress associated with this update panel appears before it redirects, so I wonder if I could call a JS function on the button click to save the form data?

Good point...and I would think that the AJAX call might refresh the session. I'm not 100% on that, though. I'm sure using Javascript, you could store the data in a cookie on the onclick event.

Here is some information regarding the UI Application block: Introduction to the UIP Application Block

This would probably take some time, though.

RR;
You example sounds pretty much like what gmail does when I'm composing an e-mail. I'm only guessing here, but it seams that if I stop typing for about 2 seconds, the contents of my e-mail is saved -- perhaps some kind of timer triggered by key press events?

That sounds like a heck of a potential load on the server if you're firing back each time a key is pressed.

Also, wouldn't that timeout if, say, you left the machine and then went back after it timed out and started typing again?

Any idea how they do it.

It seems like something fairly obvious to me, but can't find anything about it on google.

Well Google has lots of server -- but I'm guessing it's stored on the client. I'm assuming the client still run the save routine after the session times out. Not a clue as to how they do it -- but offered only as a random thought

Thanks Wolffy

At the moment I'm writing a JS function to get all the form input boxes, taking out __VIEWSTATE etc. and drop them into a cookie with input id as the key and input value as the value. This is called when the Send button is clicked.

Now I'm just working on a JS function to retrieve these cookie values. I'm just struggling at the moment to work out where to put the call. Ideally it'd be in body onload, but that's inside a Master Page and I'm not sure I can access it as a control.