i want to detect when a seesion is expired and show a specific page and other when user is not admin and so on but i never get on session expired it generates a new session but it always get on the if is authenticated but generated a new session id see code:
if (Session.SessionID != null)
{
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
// auth OK
if (HttpContext.Current.User.IsInRole("Administradores"))
{
//admin
}
else
{
FormsAuthentication.SignOut();
Response.Redirect("~/SemFuncaoAdmin.aspx"); //not admin
}
}
else
{
// not logged in
Response.Redirect("~/Proibido.aspx");
}
}
else
{
//session expired
FormsAuthentication.SignOut();
Response.Redirect("~/SessaoExpirou.aspx");
}
}after the 20 min i should when on the last else but it wents on if (HttpContext.Current.User.Identity.IsAuthenticated) and auto-generated a new session id instead of asking to login again what should i change?
i'm using membership