看起来好像你必须做这个客户端，我更喜欢 JavaScript/jQuery 和 AJAX，而不是那个方法.这是一个如何做的例子.

Seeing as though you have to do this client side I'd favour JavaScript/jQuery and AJAX over that method. Here's an example of how to do it.

基本上你只是设置了一个 AJAX 调用来轮询一个脚本，该脚本返回(以 JSON 格式)用户是否登录；如果不是，那么您可以将它们转移到另一个页面.

Essentially you just set-up an AJAX call to poll a script which returns (in JSON format) whether the user is logged in or not; if they're not then you can transfer them to another page.

这种方法的好处是你可以随时轮询；例如每 10 秒查看用户是否仍在登录，而不必等待整整一个小时.这也意味着您不需要在代码中说明会话超时数字，因此您可以在 IIS 中确定它.此外，如果用户在您系统的其他地方注销，或者您的应用程序池被回收并且他们的会话被重置，这将很快检测到它.

The benefits to this method are that you can poll whenever you want; e.g. every 10 seconds to see whether the user is still logged in rather than having to wait a full hour. It also means that you don't need to state the session time-out figure in your code and so you can leave that to be determined in IIS. Also if the user logged off elsewhere in your system, or your application pool recycled and their session was reset this would detect it fairly quickly.

我从您的个人资料中注意到您是一名狗仔队摄影师.我认为这是 DSLR 方法和响应标头方法是廉价手机摄像头方法:o.

I notice from your profile that you're a Paparazzi photographer. I'd consider this the DSLR method and the response header method the cheap phone camera method :o.

要构建您的会话检查器页面，请创建一个名为 session.asp 的文件(与您的其他文件在同一文件夹中，以使生活更简单).在里面写:

To build your session checker page create a file called session.asp (in the same folder as your other files to make life simpler). In it put:

<%
Response.ContentType = "application/json"
If Session("LoggedOn") Then
   Response.Write "{""loggedOn"": true}"
Else
   Response.Write "{""loggedOn"": false}"
End If
%>

如果用户已登录，则返回 {"loggedOn": true}，如果未登录则返回 {"loggedOn": false}.这就是我们将在您的其他页面上使用的内容，以通过定期调用此页面并阅读响应来轮询他们是否已登录.

If the user is logged in it returns {"loggedOn": true}, if they're not {"loggedOn": false}. This is what we'll use on your other page to poll if they're logged in by calling this page periodically and reading the response.

现在到您最初包含 Response.AddHeader 代码的页面上.删除所有代码，因为它会替换它.

Now onto your pages which originally had your Response.AddHeader code in. Remove all of your code as this replaces it.

首先确保您的页面上引用了 jQuery:

First make sure you have a reference to jQuery on your pages:

<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js"></script>

然后在这一行下面放上:

And then put under this line the following:

<script type="text/javascript">
    $(document).ready(function() {

        var checkLoggedOn = function() {
            $.getJSON('session.asp', function(data) {
                if (!data.loggedOn)
                    window.location.replace("http://***.com");
            });
        };

        // Call checkLoggedOn every x milliseconds
        setInterval(checkLoggedOn, 30000);
    });
</script>

一切顺利，它应该可以工作.我将上述设置为每 30 秒 (30000) 轮询一次，但您可以根据需要将其增加/减少.

All being well, it should work. I set the above to poll every 30 seconds (30000) but you could increase/decrease this to whatever you wanted.

请注意，我从 https://***.com/a/4928564/171703 借用了上面的大部分代码和 https://***.com/a/2709160/171703.

Note I borrowed large parts of the code above from https://***.com/a/4928564/171703 and https://***.com/a/2709160/171703.

从下面的评论中，如果您希望用户的会话在超时后过期(无论他们是否保持会话处于活动状态)，那么您可以这样做.

From the comments below, if you want the user's session to expire after the timeout figure (whether they are keeping their session alive or not) then you could do this.

当用户登录后，为 LoginExpiration 设置一个新的会话变量:

When the user is logged in, set a new session variable for LoginExpiration:

Session("LoginExpiration") = DateAdd("n", Session.TimeOut, Now())

这需要当前时间并将会话超时数字添​​加到其中 - 为您提供应该销毁会话的时间.

This takes the current time and adds to it the session timeout figure - giving you the time when their session should be destroyed.

如果您现在将 session.asp 修改为以下内容，它将采用 LoginExpiration 数字并在以下情况下返回用户未登录:

If you now modify your session.asp to the following it takes the LoginExpiration figure and returns that the user is not logged in the event of:

1. 用户会话已超时(IIS 应用程序池已重置，或者他们单击了注销等)
2. 当前日期/时间大于设置的 LoginExpiration 时间

即:

<%
Response.ContentType = "application/json"

LoggedOn = "false"
LoginExpiration = Session("LoginExpiration")
DateNow = Now()

If IsDate(LoginExpiration) Then
    If DateNow < LoginExpiration Then
        LoggedOn = "true"
    End If
End If

Response.Write "{"
    Response.Write """loggedOn"": " & LoggedOn & ", "
    Response.Write """loginExpiration"": """ & LoginExpiration & """"
Response.Write "}"
%>

我已将 loginExpiration 数字放入 JSON 响应中，以便您也可以在客户端使用它.

I've put the loginExpiration figure into the JSON response so you could work with it client side if you wanted too.