I created a log-on form that verifies a username and password to username/password fields in a database. If the user is a valid user, I create a session variable and assign it the username. I use this session variable for security throughout the web application. My problem is after 20 minutes the session state restart and the session variable no longer has the username assigned to it and my security is lost. Is there a way that I can redirect the user to the log-on screen if the session times out? I don't want to increase the timeout in the web.config file since some users may leave the browse open for a unpredictable amount of time.

Thanks,

James