locked
Users not logged in on certain pages RRS feed

  • Question

  • User-1402564948 posted

    Today I went to visit my website and on the default page, I was logged in as another user.

    I clicked logout and got an error.

    When a user logs in, they are logged in across the website with the exception of the default page.

    I've tried removing session stage and view state, but I'm not quite understanding what's happening.

    What is the standard for logged in users?  Does the master page handle the sessionstate?

    Masterpage:

    <%@ Master Language="VB" AutoEventWireup="true" CodeBehind="Site.master.vb" Inherits="toc.SiteMaster" EnableViewState="True" %>
    
    Protected Sub master_Page_PreLoad(sender As Object, e As EventArgs)
            If Not IsPostBack Then
                ' Set Anti-XSRF token
                ViewState(AntiXsrfTokenKey) = Page.ViewStateUserKey
                ViewState(AntiXsrfUserNameKey) = If(Context.User.Identity.Name, [String].Empty)
            Else
                ' Validate the Anti-XSRF token
                If DirectCast(ViewState(AntiXsrfTokenKey), String) <> _antiXsrfTokenValue OrElse DirectCast(ViewState(AntiXsrfUserNameKey), String) <> (If(Context.User.Identity.Name, [String].Empty)) Then
                    Throw New InvalidOperationException("Validation of Anti-XSRF token failed.")
                End If
            End If
        End Sub

    Default page:

    <%@ Page Title="" Language="VB" MasterPageFile="~/Site.Master" EnableSessionState="True" EnableViewState="true" AutoEventWireup="true" CodeBehind="default.aspx.vb" Inherits="toc._Default" %>
    <%@ Import Namespace="toc" %>
    <%@ Import Namespace="Microsoft.AspNet.Identity" %>

    Friday, November 18, 2016 4:02 PM

All replies

  • User753101303 posted

    Hi,

    AFAIK this kind of issue is often caused by using shared data (or a module). Else maybe some server side caching issue?

    Friday, November 18, 2016 6:21 PM
  • User36583972 posted

    Hi  dvdgzzrll,

    From your description, I suggest you can use the " System.Web.Security.FormsAuthentication.RedirectFromLoginPage" method to save the users status when the users login the website until they sign out ( use "System.Web.Security.FormsAuthentication.SignOut()" method to sign out )

    You can refer the following link below for more information about "FormsAuthentication.RedirectFromLoginPage" method.

    FormsAuthentication.RedirectFromLoginPage Method (String, Boolean):

    http://msdn.microsoft.com/en-us/library/ka5ffkce.aspx

    Keep User Logged in and automatically Login User using Forms Authentication and Cookies in ASP.Net :

    http://www.aspsnippets.com/Articles/Keep-User-Logged-in-and-automatically-login-user-using-Forms-Authentication-and-Cookies-in-ASPNet.aspx

    Permanent User Login Session In ASP.NET:

    http://www.codeproject.com/Articles/265812/Permanent-User-Login-Session-In-ASP-NET

    Best Regards,

    Yohann Lu

    Tuesday, November 22, 2016 6:07 AM
  • User-1402564948 posted

    Code First does not use forms authentication.

    Friday, November 25, 2016 8:12 PM
  • User36583972 posted

    Hi dvdgzzrll,

    I clicked logout and got an error.

    You can include all necessary messages/screenshots for anyone else to be able to analyze your issue from scratch along with a detailed description about the results, including any exception messages that you get and the results you are expecting.

    When a user logs in, they are logged in across the website with the exception of the default page

    You should check the following code to make sure there is no jump to the error page, please debug steps by steps.

     If Not IsPostBack Then
                ' Set Anti-XSRF token
                ViewState(AntiXsrfTokenKey) = Page.ViewStateUserKey
                ViewState(AntiXsrfUserNameKey) = If(Context.User.Identity.Name, [String].Empty)
            Else
                ' Validate the Anti-XSRF token
                If DirectCast(ViewState(AntiXsrfTokenKey), String) <> _antiXsrfTokenValue OrElse DirectCast(ViewState(AntiXsrfUserNameKey), String) <> (If(Context.User.Identity.Name, [String].Empty)) Then
                    Throw New InvalidOperationException("Validation of Anti-XSRF token failed.")
                End If
            End If

    Best Regards,

    Yohann Lu

    Friday, December 2, 2016 9:40 AM