locked
LoginStatus Logout not working RRS feed

  • Question

  • User1609764828 posted

    I am at wits end here.

    I have a loginstatus control on a master page. 

    <asp:LoginStatus runat="server" id="LoginStatus1" />

    When logged in using Forms Auth,  I click LogOut and I get the following page with a bunch of jibberish in the url.

     

     

    I have set the LogoutAction=RedirectToLoginPage and that did not work.

    I also set the event OnLoggingOut  to a custom function and it did not get hit.

    Another thing I tried was setting the LogoutAction to "Redirect" and set the LogOutPageUrl to my Login Page and that did not fire.

    Any ideas?

    Tuesday, September 11, 2007 3:24 PM

All replies

  • User1251706502 posted

    RedirectToLoginPage redirects the browser to the LoginURL specified in your web.config file. 

    <authentication mode="Forms">
      <forms loginUrl="login.aspx"
        defaultUrl="index.aspx" />
    </authentication>
    If you have this set up already can you post more of your code to better troubleshoot this?
    Thanks
     
    Tuesday, September 11, 2007 4:03 PM
  • User1609764828 posted

    Yes I am aware of that. It is not working. Here is the section from my web.config

     

    <authentication mode="Forms">

    <forms loginUrl="Login.aspx" protection="All" timeout="30" name=".ASPXAUTH"

    path="/" requireSSL="false" slidingExpiration="true" defaultUrl="default.aspx" cookieless="UseDeviceProfile"

    enableCrossAppRedirects="false">

    </forms>

    </authentication>

     Login.aspx exists. It is my login page.

    What other code did you wish to see?

    Tuesday, September 11, 2007 4:10 PM
  • User1251706502 posted

    Can you also include your code for logging out and the url that your are redirected to?

    Tuesday, September 11, 2007 4:26 PM
  • User1609764828 posted

    I don't have any logout code. It is my understanding that with what I have currently, when  the user clicks the logout link on the loginstatus control, they will be taken to the login page. Is this incorrect?

     At one point in the loginstatus control, I had LogoutAction=Redirect and LogOutPageUrl=Login.aspx to force it, but that did not work either.

     Another thing I tried was writting a custom function for the OnLogingOut event of the control, but it never got hit.

     

    Tuesday, September 11, 2007 4:36 PM
  • User1251706502 posted

    The way you had it with LogoutAction=Redirect and LogOutPageUrl=Login.aspx looks like it was corretly set up.  Have you tried to turning off the protection property to try to verify which page you are being redirected to?

    Also to clarify my previous post, if you have the LougoutAction set to RedirectToLoginPage for the LoginStatus control it will the user to the login page defined in the application configuration settings as opposed the RedirectToLoginPage method for the FormsAuthentication class which will redirect you to the LoginURL specified in the Web.config.

    Tuesday, September 11, 2007 5:54 PM
  • User1609764828 posted

    Turning protection off changed nothing. I am still stuck here.

    Wednesday, September 12, 2007 9:48 AM
  • User1609764828 posted

    I seemed to have found the problem..or a solution depending on how you view it.

     

    I had my startup page set to a page in a sub directory and not in the root. I changed the startup page to be a page in the root (which is where login.aspx exists) and now it works as expected. I do not think it should have acted like this though.

    Wednesday, September 12, 2007 12:10 PM
  • User1609764828 posted

    And the minute I posted it was working....it stopped working. I did not change a thing. Nice.

    Wednesday, September 12, 2007 12:18 PM
  • User-186742165 posted

    <authentication mode="Forms">

    <forms loginUrl="Login.aspx"

    Hi

    You can apply absolute path for loginUrl property like this, will it help?

    <authentication mode="Forms">

    <forms loginUrl="~/Login.aspx"

    Thursday, September 13, 2007 5:08 AM
  • User1609764828 posted

    Tried this before and tried it again. It did not solve the problem. Clicking logout still takes me to a "Internet Explorer cannot display this page".

     

    Is they ANYTHING else I can try??

    Thursday, September 13, 2007 8:58 AM
  • User1609764828 posted

    Ok, I have discovered something but I do not have a solution. Using the above code setting the absolute path "~/page.aspx" where page.aspx is in the web root....

     1) If the user is in a subdirectory and they click Logout, "Page cannot be displayed" happens.

     2) If I navigate back to a page in the web root and then click the Logout link, everything works as expected. I am logged out and taken to the the Login Page.

    It seems I MUST be in the root for the Logout to work (which does not make sense). Another example is I hardcoded a URL into the LogoutPageUrl to be http://espn.go.com/; If I was in a subdirectory and clicked Logout, again I got the "Page cannot be displayed". But if I navigate back to the root and click logout, I was taken to espn.com.

     Ideas?

    Thursday, September 13, 2007 9:20 AM
  • User199264078 posted

    <authentication mode="Forms">
          <forms name=".ASPXFORMSAUTH" loginUrl="~/Anonymous/Login.aspx" />
    </authentication>

     this works well for me, as you see login page is not at the root

    <asp:LoginStatus ID="LoginStatus1" CssClass="LoginStatusLinks" runat="server" meta:resourcekey="LoginStatus"/>


     pay attention  - very often ppl creates two LoginStatus controls within LoginView control - one for Anonymous template and one for LoggedIn template (as for me it is not very clever but i met a lot of times when ppl complained on LoggedOut Event e.g. does not fire up.. they just confused between two LoginStatus controls )

    Saturday, September 22, 2007 2:26 PM
  • User-2109316933 posted

    set the LogoutAction to "Redirect"

    <asp:LoginStatus ID="LoginStatus1" runat="server" LogoutAction="Redirect" LogoutPageUrl="~/Default.aspx" />

    Tuesday, October 21, 2008 5:02 PM
  • User-1567245235 posted
    I was having this same problem... found this discussion hoping to find an answer to my problem. It was helpful and pointed me in the right direction. Here is the solution to my problem.<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p>I have multiple subdirectories that I use to give access to different roles set up for forms authentication. All my pages were working (logout functionality) fine except for two. They were both in the same directory. It was a small change in my web.config file.<o:p></o:p> My authentication section was good, no change. Just wanted to show how I had set mine up.<o:p></o:p><authentication mode="Forms"> <forms loginUrl="LoginUser.aspx" defaultUrl="Default.aspx" timeout="30" protection="All"/>

    </authentication>

    I made a change here to deny unauthenticated users. I'm sure not everyone is using roles like I am.  The <deny users="?"/> line that will take the user to the login.aspx page. The commented code is how I had it set up first.

    <!-- Security access to Subscriber folder -->

    <location path="Subscriber">

    <system.web>

    <authorization>

    <deny users="?"/>

    <allow roles="RoleA, RoleB, RoleC"/>

    <deny roles="RoleD"/>

    <!--<allow users="?"/>-->

    <!--<deny roles="RoleD"/> </authorization> </system.web>

    </location>

    Hope this helps!<o:p></o:p>
    Tuesday, February 24, 2009 1:19 PM
  • User-1922837592 posted

    I ran into a similar problem and thought I'd share my "solution" with you, although I didn't find out what exactly the problem was:

    It was pretty simple, I just removed the LoginStatus Tag from within the LoginView Tag and inserted it behind the LoginView Tag (but outside of it)... suddenly it worked again... I recently removed the Anonymous Template and it might have something to do with that (although readding it didn't help). Now I just added the attribute LoginText="" to the LoginStatus Tag and it won't show me any Login Text either... hope it helps some other desperate soul out their ;)

    Wednesday, April 16, 2014 1:33 PM
  • User1684509193 posted

    If your redirect page (after logout) have any code in oninit method, try to put your code inside

    if(!Page.IsPostBack){}

    Monday, January 5, 2015 7:44 PM