Problem with Login and Logout???

Hi all,

I had create form login.aspx and default.aspx with authentication mode="Forms".

The first time I access to system (default.aspx), it redirect to login form . After input user and password the system show default form (it ok).

After that I sign out, by the following code, it redirect to login form (seem ok), but at that time I can access direct default form by type default.aspx in url (the system did not redirect to login form)
        FormsAuthentication.SignOut();
        //abandon session
        Session.Abandon();
        Response.Redirect("~/Login.aspx");

How to solve thia problem? Please help me!

Thank you very much
xuanthinhAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Raju SrivatsavayeSoftware EngineerCommented:
try to clear out the sessions before singnout and see if that works
0
xuanthinhAuthor Commented:
I had do that but it did not ok
0
raterusCommented:
Hi xuanthinh,
Might just be your browser in this case, it may be loading up a cached version.  When you access this default.aspx page unsecured, try hitting refresh in your browser.  If you are redirected, it is a cache issue.

--Michael
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

AGBrownCommented:
I'm guessing that you can get to the default form, but if you try and access any other secure form, you might not be able to.

I think you are having problems with content expiration headers. Your browser may be showing you a previous version of that page.

Try putting a label that prints the current DateTime at the top of the page (with a format like dd/MM/yyyy HH:mm:ss - the seconds are important). Log in and note what it says. Wait five seconds, then log out. Now type default.aspx in the url as you did before. Does the datetime change or is it the same as when you logged in?

Andy
0
AGBrownCommented:
Sorry raterus, it took me ages to get round to posting that, i didn't see you had sent the same.

In addition, then, you can use the following line in your code:
this.Response.Cache.SetCacheability(HttpCacheability.NoCache);

But, you would need this on every page. To do that you have to create a new base class for your pages, and stick it in something like the OnInit method for that new page base.

As a quicker alternative, check the properties of your web site in IIS, through the IIS snap-in, and check that you have the Enable Content Expiration under the Http Headers tab set to Expire Immediately, and see if that helps.

Andy
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
xuanthinhAuthor Commented:
Thanks for your helps!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP.NET

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.