I am trying to redirect automatically to my login page after session times out. I tried to add this code in my Main.Master page (all the other pages are connected to this master page):

protected void Page_Load(object sender, EventArgs e)
{
            //Redirects to Login Page 3 seconds before session timeout
            Response.AppendHeader("Redirect", Convert.ToString((Session.Timeout * 60) - 3) + "; URL=~/Login.aspx");
}

I configured the session timeout to 1 minute in my web config:

<sessionState mode="InProc" cookieless="false" timeout="1"/>

but nothing happens

Can anyone help me find the problem with this code, or has other ideas how to make it work?

Edit: Authentication node from web.config

<authentication mode="Forms">
    <forms name=".CAuthenticated" loginUrl="Login.aspx" protection="All" 
    timeout="20"/>
</authentication>

AppendHeader is documented as causing an exception if "header is appended after the HTTP headers have been sent" You need to make sure AppendHeader is called before the HTTP headers have been sent. Depending on your master page, the Load event might be too late. You could try the Init event instead.

protected void Page_Init(object sender, EventArgs e)
{
    if (Session["Username"] == null)
    {
        Response.Redirect(ResolveClientUrl("~/login.aspx") + "?returnURL=" + HttpContext.Current.Request.Url.AbsolutePath);
    }
    else
    {
        lblUsername.Text = Session["Username"].ToString();
    }
}

Here is an example I have that works for me:

    <authentication mode="Forms">
      <forms loginUrl="~/Login/Index" defaultUrl="~/Admin" timeout="20">
      </forms>
    </authentication>

If you have this, there is no need for you to check the timeout cookie yourself. This is assuming you are using Forms Authentication.

I think you need to use Refresh instead of `Redirect' in your header:

Response.AppendHeader("Refresh",
    Convert.ToString((Session.Timeout * 60) - 3) +
    ";URL=~/Login.aspx");