Hi Ulf,
Thanks for response!
-----------------------------------------------------------------------
After that interval the session expires, so if you check for a valid session, there won't be one. In that case, redirect the user to the login page (unless he's coming from the login page, but in that case the request should contain the username and password he just entered).
------------------------------------------------------------------------
I do agree with the above solution but some how it's not fitting into my requirement. What I would like to do is,
1) As long as user is performing some action I don't want kill user session. (This is the case I need to keep on extending his session interval)
2) User just logged on to the application and not doing anything just sitting idle (Server is not receving any requests from the user) for 10 min (again idle time for each user is different, If user is Admin session never expires for him) then Kill/invalidate the user session take him back to dash board.
3) Let me give you a scenario..if I logged on to
https://online.lloydstsb.co.uk/customer.ibc and you are doing some action like money trasfering, profile updating......anything your session never expires if you sit idle for 10 min your session will expires.
Yes I want to implement the same
How they are managing the session?
Many thanks,
Sirish