locked
Cannot logout.. RRS feed

  • Question

  • User1940733792 posted

    Hello...

    When I am loggin in to my site I am using the following code:

    Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, UserName, DateTime.Now, DateTime.Now.AddMinutes(30), True, p.Roles, FormsAuthentication.FormsCookiePath)
                Dim hash As String = FormsAuthentication.Encrypt(ticket)
                Dim cookie As HttpCookie = New HttpCookie(FormsAuthentication.FormsCookieName, hash)

                ' Set the cookie's expiration time to the tickets expiration time
                If (ticket.IsPersistent) Then
                    cookie.Expires = ticket.Expiration
                End If

                ' Add the cookie to the list for outgoing response
                Response.Cookies.Add(cookie)

                Dim ReturnURl As String = Request.QueryString("ReturnURL")

                If ReturnURl <> "" Then
                    Response.Redirect(ReturnURl)
                Else
                    Response.Redirect("/Admin/")
                End If

    In my global.asax I have:

    Protected Sub Application_AuthenticateRequest(ByVal sender As [Object], ByVal e As EventArgs)
            If Not (HttpContext.Current.User Is Nothing) Then
                If HttpContext.Current.User.Identity.IsAuthenticated Then
                    If TypeOf HttpContext.Current.User.Identity Is FormsIdentity Then
                        Dim id As FormsIdentity = CType(HttpContext.Current.User.Identity, FormsIdentity)
                        Dim ticket As FormsAuthenticationTicket = id.Ticket
               
                        ' Get the stored user-data, in this case, our roles
                        Dim userData As String = ticket.UserData
                        Dim roles As String() = userData.Split(","c)
                        HttpContext.Current.User = New GenericPrincipal(id, roles)
                    End If
                End If
            End If
        End Sub

    And when i logout i use the following:

    Session.Abandon()
                Session.Contents.RemoveAll()
                HttpContext.Current.User = Nothing
                FormsAuthentication.SignOut()

                Response.Redirect("/")

    But nothing happens....

    It redirects me to the frontpage, but i am still logged in...

    So i can't logout.. And i have tried to delete the browser cache, but no luck..

     What could be wrong?

    Wednesday, June 4, 2008 2:04 PM

Answers

  • User-186742165 posted

    Hi

    For performance reason, the client browser may cache this visited page for a period of time, Try to specify no-cache headers in order to protect view of a local copy in history might help.


    <html xmlns="http://www.w3.org/1999/xhtml" >

      <
    head runat="server"
    >
        <
    title>Untitled Page</title>

            <meta http-equiv="Pragma" content="no-cache">
            <meta http-equiv="Expires" content="-1">
            <meta http-equiv="CACHE-CONTROL" content="NO-CACHE">

      </head>

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, June 5, 2008 11:38 PM
  • User-1763611275 posted

    Hi

    Try this with LoginStatus1 control

    protected void LoginStatus1_LoggedOut(object sender, EventArgs e)
        {
            FormsAuthentication.SignOut();
            Roles.DeleteCookie();
            Session.Clear();
        }
     
    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, June 8, 2008 3:08 AM

All replies

  • User-209105085 posted

    Try to to remove cookie too,

    Response.Cookies.Remove(FormsAuthentication.FormsCookieName)

    Wednesday, June 4, 2008 2:11 PM
  • User1940733792 posted

    No i still does't work :(

    Thursday, June 5, 2008 5:48 AM
  • User-186742165 posted

    Hi

    For performance reason, the client browser may cache this visited page for a period of time, Try to specify no-cache headers in order to protect view of a local copy in history might help.


    <html xmlns="http://www.w3.org/1999/xhtml" >

      <
    head runat="server"
    >
        <
    title>Untitled Page</title>

            <meta http-equiv="Pragma" content="no-cache">
            <meta http-equiv="Expires" content="-1">
            <meta http-equiv="CACHE-CONTROL" content="NO-CACHE">

      </head>

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, June 5, 2008 11:38 PM
  • User-1763611275 posted

    Hi

    Try this with LoginStatus1 control

    protected void LoginStatus1_LoggedOut(object sender, EventArgs e)
        {
            FormsAuthentication.SignOut();
            Roles.DeleteCookie();
            Session.Clear();
        }
     
    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, June 8, 2008 3:08 AM