Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 406
  • Last Modified:

Problem with Login and Logout???

Hi all,

I had create form login.aspx and default.aspx with authentication mode="Forms".

The first time I access to system (default.aspx), it redirect to login form . After input user and password the system show default form (it ok).

After that I sign out, by the following code, it redirect to login form (seem ok), but at that time I can access direct default form by type default.aspx in url (the system did not redirect to login form)
        FormsAuthentication.SignOut();
        //abandon session
        Session.Abandon();
        Response.Redirect("~/Login.aspx");

How to solve thia problem? Please help me!

Thank you very much
0
xuanthinh
Asked:
xuanthinh
2 Solutions
 
Raju SrivatsavayeSoftware EngineerCommented:
try to clear out the sessions before singnout and see if that works
0
 
xuanthinhAuthor Commented:
I had do that but it did not ok
0
 
raterusCommented:
Hi xuanthinh,
Might just be your browser in this case, it may be loading up a cached version.  When you access this default.aspx page unsecured, try hitting refresh in your browser.  If you are redirected, it is a cache issue.

--Michael
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
AGBrownCommented:
I'm guessing that you can get to the default form, but if you try and access any other secure form, you might not be able to.

I think you are having problems with content expiration headers. Your browser may be showing you a previous version of that page.

Try putting a label that prints the current DateTime at the top of the page (with a format like dd/MM/yyyy HH:mm:ss - the seconds are important). Log in and note what it says. Wait five seconds, then log out. Now type default.aspx in the url as you did before. Does the datetime change or is it the same as when you logged in?

Andy
0
 
AGBrownCommented:
Sorry raterus, it took me ages to get round to posting that, i didn't see you had sent the same.

In addition, then, you can use the following line in your code:
this.Response.Cache.SetCacheability(HttpCacheability.NoCache);

But, you would need this on every page. To do that you have to create a new base class for your pages, and stick it in something like the OnInit method for that new page base.

As a quicker alternative, check the properties of your web site in IIS, through the IIS snap-in, and check that you have the Enable Content Expiration under the Http Headers tab set to Expire Immediately, and see if that helps.

Andy
0
 
xuanthinhAuthor Commented:
Thanks for your helps!
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now