Greetings, folks.<BR><BR>I&#039ve got a whole buncha pages in a "protected" directory. Each one has some code #included with SSI along the lines of:<BR><BR>&#060;%<BR> If Session("UserID") = Empty Then<BR> Response.Redirect("../login.asp")<BR> End If<BR>%&#062;<BR><BR>...which works just fine for kicking people out who haven&#039t yet logged in. But if someone *does* log in, and then for whatever reason his session times out, and then he clicks on a link to another protected page, he gets booted back to the login page with no explanation whatsoever. I&#039ve seen sites (primarily financial ones) that handle this situation gracefully: when the user clicks on a protected link, he gets taken to a page that says "Your session has timed out, please log in again". How do they do that? More importantly, how can *I* do that?<BR><BR>Thanks for any help. Email responses to greatly appreciated (this board gets so many posts that I&#039d hate to lose a reply through scrolling).<BR>