Identifying the logged in user from different browser tab in asp.net

Question

I have a website with login option in asp.net.

if i open website in two browser tabs and logged in with same user account and navigated to homescreen in both tabs , now i am logged out from one tab and again logged in same tab,after that i clicked on the second tab,

how can i discriminate that i am sending request from first tab or second tab from code behind?

If the request is from second tab i need to navigate the application to login screen.How can i do this?

in my home page i had added the logic like

if (Session["UserID"] == null)
{
   Response.Redirect("Login.aspx");
}

but the problem is that when i logout from first tab and login in again there, and after that second tab refreshed Session["UserID"] is not null so it will stay there.But i need to redirect login page .how can i achieve this??

Answer 1

May I suggest you to use JavaScript and Ajax Post for redirection. I use it for myself, and find it reliable, satisfying the need. I still think there may be far better ways to do this. But for now this will do your job.

Below code checks for tab focus/focus lost, and calls a Csharp code on Blur and focus.

    <script type="text/javascript">
        //divClearMessages
        $(window).on("blur focus", function (e) {
            var prevType = $(this).data("prevType");


            if (prevType != e.type) {   //  script for Please Come Back
                switch (e.type) {
                    case "blur":
                        // Use this if you want to check something after user changes tab
                    case "focus":
                        $.ajax({
                            type: "POST",
                            url: "main.aspx/CheckIfSessionIsNull", // Call here the Csharp method which checks the session and redirect user
                            contentType: "application/json; charset=utf-8",
                            dataType: "json",
                            success: function (retValue) {
                                // Do something with the return value from.Net method
                            }
                        });
                        break;
                }
            }

            $(this).data("prevType", e.type);
        })
    </script>

In Code behind add this method: (remember to add the [WebMethod] attribute)

    [System.Web.Services.WebMethod]
    public static void CheckIfSessionIsNull()
    {
       if (System.Web.HttpContext.Current.Session["UserId"] == null)
          HttpContext.Current.Response.Redirect("Login.aspx");
    }

Answer 2

Essentially your problem is that tabs belonging to the same browser process share cookies, so each tab is using the same Session and session cookie.

You can work around this by turning off session cookies as documented on MSDN:

<configuration>
  <system.web>
    <sessionState cookieless="true"
      regenerateExpiredSessionId="true" />
  </system.web>
</configuration>

ASP.NET maintains cookieless session state by automatically inserting a unique session ID into the page's URL.

Each new tab visit to a URL without a session ID in it will start a new session.

Alternatively, you could generate some unique ID in your initial page load event and store/retrieve your session variables by wrapping them in a class and storing an instance of that class under the new ID inside the session.

Credit and more information.