xuanthinh
asked on
Problem with Login and Logout???
Hi all,
I had create form login.aspx and default.aspx with authentication mode="Forms".
The first time I access to system (default.aspx), it redirect to login form . After input user and password the system show default form (it ok).
After that I sign out, by the following code, it redirect to login form (seem ok), but at that time I can access direct default form by type default.aspx in url (the system did not redirect to login form)
FormsAuthentication.SignOu t();
//abandon session
Session.Abandon();
Response.Redirect("~/Login .aspx");
How to solve thia problem? Please help me!
Thank you very much
I had create form login.aspx and default.aspx with authentication mode="Forms".
The first time I access to system (default.aspx), it redirect to login form . After input user and password the system show default form (it ok).
After that I sign out, by the following code, it redirect to login form (seem ok), but at that time I can access direct default form by type default.aspx in url (the system did not redirect to login form)
FormsAuthentication.SignOu
//abandon session
Session.Abandon();
Response.Redirect("~/Login
How to solve thia problem? Please help me!
Thank you very much
try to clear out the sessions before singnout and see if that works
ASKER
I had do that but it did not ok
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I'm guessing that you can get to the default form, but if you try and access any other secure form, you might not be able to.
I think you are having problems with content expiration headers. Your browser may be showing you a previous version of that page.
Try putting a label that prints the current DateTime at the top of the page (with a format like dd/MM/yyyy HH:mm:ss - the seconds are important). Log in and note what it says. Wait five seconds, then log out. Now type default.aspx in the url as you did before. Does the datetime change or is it the same as when you logged in?
Andy
I think you are having problems with content expiration headers. Your browser may be showing you a previous version of that page.
Try putting a label that prints the current DateTime at the top of the page (with a format like dd/MM/yyyy HH:mm:ss - the seconds are important). Log in and note what it says. Wait five seconds, then log out. Now type default.aspx in the url as you did before. Does the datetime change or is it the same as when you logged in?
Andy
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your helps!