From my understanding after Googling the issue, the authentication ticket used by ASP.NET for user authentication expires after a set amount of time at which point any postback or page loads will cause the user to be redirected to a login page. However, there is no event that gets triggered when the ticket times out. Therefore, if I wish to implement a logout event, it won’t get triggered when the ticket expires.
My question is: Is there anyway to circumvent this issue? I need to log when users log out of my website but if the ticket times out and the user gets redirected to the login page and thinks that they’ve been logged out so they just close the browser, I will never have a record of when they log out.
Thanks
I saw this kind of behavior done by putting the custom object to asp.net cache. You set the cache timeout to the same time-frame as session and you refresh it every time user comes to the website. When cache timeout method is fired you know that user session ended.
This is dirty approach though, application can be restarted, user can return, session is ended, but it does not mean that user is logged out.