My question is about classic ASP, not ASP.Net. I ask expert here since search engine always tell me ASP.Net answers. My confusions are,

1. How to set session expiration time in classic ASP code or through configuration?
2. How to extend session expire time? Is there a session expire event?
3. How to know when session will expire?

thanks in advance, George

Please read this, I think it answers all your questions:

http://www.w3schools.com/ASP/asp_sessions.asp

George,

There is a session_end event on the server side, but I suppose what you want is to detect it on client side.

To do that, you must set a timer on javascript, to end for example one minute before the session timeout and popup an alert. The alert gives the user the choice to extend the session. If the user says yes, then you make a post of the form (or an ajax call or anything that generates a request on the server side and so extends the session).

George, ASP Classic sessions timeouts were finicky at best. I wouldn't rely on them. If you need to have more control over sessions I suggest you implement your own session management.

Session.Timeout = 5 'five minutes

The session will expire after the number of minutes you've specified with no activity. For instance, if you set a session variable, and the user doesn't do anything (like refresh) for 5 minutes, then the session will be abandoned by the server.

Or, you can abandon it yourself using Session.Abandon

Dont think you can find out when the session is going to expire bcos if say for ex. if the session timeout is 20 mins and the user is inactive for a period of say 19 mins and only 1 min is left and he/she clicks on the app, the session is valid for 20 mins more since it was activated.

Store the session cookie in your database instead of relying on the default classic asp session storage. Once stored in the database, you can keep it valid for as long as you like.

In my opinion, it's too easy to lose your session with ASP classic.