Login

Mikael Nilsson · 03-07-2023, 07:57 PM

Hi,

How do I set different Timeout for different Users?

jeroen.rottink · 03-09-2023, 09:17 AM

WebApplication.SessionTimeout is initialized with SessionController.SessionOptions.SessionTimeout on the start of a new session.
After it is initialized you can change it's value to change the timeout.

Both values are timeouts in minutes.

Mikael Nilsson · 03-09-2023, 10:16 AM

(03-09-2023, 09:17 AM)jeroen.rottink Wrote: WebApplication.SessionTimeout is initialized with SessionController.SessionOptions.SessionTimeout on the start of a new session.
After it is initialized you can change it's value to change the timeout.

Both values are timeouts in minutes.

Yes it works. Thanks.
Can you help me how to catch when a user gets timeout so I can show them a nice html page instead of this ugly "500 - Internal server error".
So the user can login again if he wants to.
We get many mails from our customers that just want to know what is wrong. Why does our application stop working so often.
It's not okey. Specially since several of our customers are the government and several authority..

jeroen.rottink · 03-09-2023, 10:40 AM

I use

Code:
SessionController.SessionOptions.RestartExpiredSession := True;

combined with

Code:
procedure TIWServerController.IWServerControllerBaseSessionRestarted(aSession: TIWApplication);

begin

  // mark session as restarted

  TIWUserSession(ASession.Data).Clipboard.Put('SessionRestarted');

  ASession.RunParams.Clear;

end;

In the form that is shown after a new session is started you can check this clipboard value to show the user a notification.

Code:
procedure TDlgAppForm.OnFormRender;

begin

  if UserSession.Clipboard.Get('SessionRestarted')

  then ShowAlert(atInfo, _('Sessie was verlopen. Nieuwe sessie gestart.'));

end;

Mikael Nilsson · 03-09-2023, 11:00 AM

(03-09-2023, 10:40 AM)jeroen.rottink Wrote: I use

Code:
SessionController.SessionOptions.RestartExpiredSession := True;

combined with

Code:
procedure TIWServerController.IWServerControllerBaseSessionRestarted(aSession: TIWApplication); begin // mark session as restarted TIWUserSession(ASession.Data).Clipboard.Put('SessionRestarted'); ASession.RunParams.Clear; end;

In the form that is shown after a new session is started you can check this clipboard value to show the user a notification.

Code:
procedure TDlgAppForm.OnFormRender; begin if UserSession.Clipboard.Get('SessionRestarted') then ShowAlert(atInfo, _('Sessie was verlopen. Nieuwe sessie gestart.')); end;

OK, But that starts a new session immediately. Which means that no resources are released and the reason for having a timeout is unnecessary.

I want the timeout to take affect and just redirect the user to a html page outside my application so the user can make the session if he wants to logon again or not.

jeroen.rottink · 03-09-2023, 11:35 AM

I understand. Just to clarify: the (old) session is still released at the moment the timeout is reached. When the user, after this timeout, interacts with the app a new session is started.

SessionController.SessionOptions.RestartExpiredSession should then be False in your case.
Have a look at the demos in https://github.com/Atozed/IntraWeb
Search for timeout and find some examples like https://github.com/Atozed/IntraWeb/tree/...ionTimeout
That should be a good starting point.

Have you checked where the '500 - Internal server error' comes from? When I press a button in an app after the session has timed out it doesn't give me an 500 error.

Mikael Nilsson · 03-09-2023, 11:40 AM

Exception message : Your session has expired due to inactivity.
Your session has expired. You will have to restart the application. In order to keep sessions from expiring you may set the session timeout parameter to a higher value. The current session timeout value is 30 minutes.
Exception class : EExpiredSession
Session ID : 3-R5u5BYwbGTWhfkJaiiGS7Oaxq
Exception address : 6DAC2722
Exception Time : 2023-03-03 08:32:05.242
------------------------------------------------------------------------------------------------------------------------
Application Name : isapiXIBwwd.dll
Application Version: 1.0.0.0
Started at : 2023-03-03 02:27:47.882
Running for : 6 hours 4 minutes 17 seconds
Computer Name : P-W-WWD-WEB01
Compiler Version : 350
------------------------------------------------------------------------------------------------------------------------
IntraWeb Version : 15.2.69
Multi-session : False
Content Path : d:\wwwroot\customerzone.opuscapita.com\wwd\wwwroot\
Session count : 27

jeroen.rottink · 03-09-2023, 01:01 PM

This code redirects the user to SessionTimeout.html when the session timeout occurs.
Be sure to register the mimetype .html as static because it is served without session validation.

Code:
procedure TIWServerController.IWServerControllerBaseConfig(Sender: TObject);

begin

  // register my own exception handler

  IWExceptionRenderer.SetExceptionRendererClass(TIWExceptionRendererEx);

  // register mimetype .html without session validation

  TIWMimeTypes.RegisterType('.html', 'text/html', True);

end;

{ TIWExceptionRendererEx }

class function TIWExceptionRendererEx.RenderHTML(AException: Exception; ARequest: THttpRequest): string;

var Addr: string;

begin

  // the goal here is to respond to a session timeout error with a HTML which

  // will restart a new session

  if AException is EExpiredSession then begin

    Addr := #39 + '/SessionTimeout.html' + #39; // wwwroot/SessionTimeout.html

    Result := '<!DOCTYPE html>' +

              '<html>' +

              '<head>' +

              '<script type="text/javascript">' +

              'setTimeout("window.location=' + Addr + '", 1);' +

              '</script>' +

              '</head>' +

              '<body>' +

              '</body>' +

              '</html>';

  end

  else

    Result := inherited;

end;

Mikael Nilsson · (This post was last modified: 03-09-2023, 03:45 PM by Mikael Nilsson.)

(03-09-2023, 01:01 PM)jeroen.rottink Wrote: This code redirects the user to SessionTimeout.html when the session timeout occurs.
Be sure to register the mimetype .html as static because it is served without session validation.

Code:
procedure TIWServerController.IWServerControllerBaseConfig(Sender: TObject); begin // register my own exception handler IWExceptionRenderer.SetExceptionRendererClass(TIWExceptionRendererEx); // register mimetype .html without session validation TIWMimeTypes.RegisterType('.html', 'text/html', True); end; { TIWExceptionRendererEx } class function TIWExceptionRendererEx.RenderHTML(AException: Exception; ARequest: THttpRequest): string; var Addr: string; begin // the goal here is to respond to a session timeout error with a HTML which // will restart a new session if AException is EExpiredSession then begin Addr := #39 + '/SessionTimeout.html' + #39; // wwwroot/SessionTimeout.html Result := '<!DOCTYPE html>' + '<html>' + '<head>' + '<script type="text/javascript">' + 'setTimeout("window.location=' + Addr + '", 1);' + '</script>' + '</head>' + '<body>' + '</body>' + '</html>'; end else Result := inherited; end;

Hi,

I tried your code. First in SA
I got 404 - Not found
http://127.0.0.1:8888/SessionTimeout.html

sorry I misspelled. It works

Mikael Nilsson · 03-09-2023, 04:47 PM

Hi,

I hope you still are willing to help me.

I don't understand this. Your code works perfectly when I test it in SA but when i deploy it to my webserver it don't work.
Then i Get 500 - Internal server error

Login
Username:
Password:	Lost Password?
	Remember me