• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 638
  • Last Modified:

Just need to know where my prolem lies. When I log out of the web site.

on my web site, when I log out the web site it sometimes it brings me to the home page but like I would be still logged in.
<asp:LoginView ID="LoginView1" runat="server">
    <AnonymousTemplate>
        <asp:Login ID="LoginStatus" runat="server" Height="31px" Width="100%" FailureAction="RedirectToLoginPage"
            OnLoggedIn="LoginStatus_LoggedIn" OnLoggingIn="LoginStatus_LoggingIn">
            <LayoutTemplate>
                <table border="0" cellpadding="0" cellspacing="0" width="100%">
                    <tr>
                        <td nowrap="nowrap" width="25%">
                            <asp:Label runat="server" ID="lblUserName" AssociatedControlID="UserName" Text="Username:" />
                            <asp:TextBox ID="UserName" runat="server" BorderColor="DarkGray" BorderStyle="Inset"
                                BorderWidth="2px" Width="125px" />&nbsp;
                        </td>
                        <td width="8px" style="text-align: left;" valign="middle">
                            <asp:RequiredFieldValidator ID="valRequireUserName" runat="server" SetFocusOnError="True"
                                ControlToValidate="UserName" Text="*" ValidationGroup="Login" Font-Bold="True" />
                        </td>
                        <td nowrap="nowrap" width="25%">
                            <asp:Label ID="lblPassword" runat="server" AssociatedControlID="Password" Text="Password:" />
                            <asp:TextBox ID="Password" runat="server" TextMode="Password" BorderColor="DarkGray"
                                BorderStyle="Inset" BorderWidth="2px" Width="125px" />&nbsp;
                        </td>
                        <td width="8px" style="text-align: left;" valign="middle">
                            <asp:RequiredFieldValidator ID="valRequirePassword" runat="server" ControlToValidate="Password"
                                SetFocusOnError="True" Text="*" ValidationGroup="Login" Font-Bold="True" />
                        </td>
                        <td width="25%">
                            <asp:Button CssClass="button-login" ValidationGroup="Login" CommandName="Login" ID="btnLogin"
                                runat="server" />
                        </td>
                    </tr>
                    <tr>
                        <td width="100%" colspan="5" style="text-align: right;">
                            <asp:HyperLink ID="lnkRegister" runat="server" NavigateUrl="~/Secure/Register.aspx">Create New Account
                            </asp:HyperLink>
                            |
                            <asp:HyperLink ID="lnkPasswordRecovery" runat="server" NavigateUrl="~/Secure/PasswordRecovery.aspx">Forgot
                                password?</asp:HyperLink>
                        </td>
                    </tr>
                    <tr>
                        <td width="100%" colspan="5" style="text-align: right;">
                            <asp:Literal ID="FailureText" runat="server" EnableViewState="False"></asp:Literal>
                            <input type="text" name="theTime" size="30" readonly="readonly" style="border: 0px;
                                margin-left: 4px; font-weight: bold;">
                        </td>
                    </tr>
                </table>
            </LayoutTemplate>
        </asp:Login>
    </AnonymousTemplate>
    <LoggedInTemplate>
        <div id="welcomebox">
            <asp:LoginName ID="LoginName1" runat="server" FormatString=" Welcome {0} " />
            <asp:Button CssClass="button-logout" ID="btnLogout" runat="server" OnClick="btnLogout_Click" /><br />
            <input type="text" name="theTime" size="30" readonly="readonly" style="border: 0px;
                margin-left: 4px; font-weight: bold;">
        </div>
    </LoggedInTemplate>
</asp:LoginView>

Attached code is the behind code for login and logout.
I need to rewrite 
LoginStatus_LoggedIn
LoginStatus_LoggingIn
need to be rewritten
Also I would like if there is no activity log user out and redirect to login page.
 

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Globalization;
using System.IO;
using System.Web.Security;

namespace OmegaLove.Web.UI
{
    public partial class ctrlLogin : OmegaLoveBasePageUserControl
    {
        protected MembershipUser loginUser;

        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
            {
                // Search recursively for a Login control, called LoginStatus
                // starting from within the Page object.
                Login curLogin = FindControl<Login>(this, "LoginStatus");

                // You still should check whether you got something back!
                if (curLogin != null)
                    Page.SetFocus(curLogin.FindControl("UserName"));
            }
        }


        // Search recursively a control sub-tree for a specific control.
        // It searches every control in the sub-tree, so it potentially
        // could be optimized to search only, say, INamingContainers.
        public T FindControl<T>(string id) where T : Control
        {
            return FindControl<T>(Page, id);
        }

        public static T FindControl<T>(Control startingControl, string id) where T : Control
        {
            T found = null;
            foreach (Control activeControl in startingControl.Controls)
            {
                found = activeControl as T;
                if (found == null)
                {
                    found = FindControl<T>(activeControl, id);
                }
                else if (string.Compare(id, found.ID, true) != 0)
                {
                    found = null;
                }
                if (found != null)
                {
                    break;
                }
            }
            return found;
        }


        protected void btnLogout_Click(object sender, EventArgs e)
        {
            MembershipUser mu = Membership.GetUser();
            mu.Comment = String.Empty;
            Membership.UpdateUser(mu);
            ///* Create new session ticket that expires immediately */
            FormsAuthenticationTicket ticket =
                new FormsAuthenticationTicket(
                    1,
                    this.Context.User.Identity.Name,
                    DateTime.Now,
                    DateTime.Now,
                    false,
                    Guid.NewGuid().ToString());

            /* Encrypt the ticket */
            string encrypted_ticket = FormsAuthentication.Encrypt(ticket);

            /* Create cookie */
            HttpCookie cookie = new HttpCookie(
                FormsAuthentication.FormsCookieName,
                encrypted_ticket);

            /* Add cookie */
            this.Context.Response.Cookies.Add(cookie);

            /* Abandon session object to destroy all session variables */
            this.Context.Session.Clear();
            this.Context.Session.Abandon();

            FormsAuthentication.SignOut();
            FormsAuthentication.RedirectToLoginPage();
           
        }


        protected void LoginStatus_LoggedIn(object sender, EventArgs e)
        {
            if (loginUser == null)
            {
                var lgnMain = ((Login)LoginView1.FindControl("LoginStatus"));
                string username = lgnMain.UserName;

                loginUser = Membership.GetUser(username);
            }

            // represents the active login session
            Guid g = Guid.NewGuid();
            HttpCookie c = Response.Cookies[FormsAuthentication.FormsCookieName];
            FormsAuthenticationTicket ft = FormsAuthentication.Decrypt(c.Value);

            //Generate a new ticket that includes the login session ID
            var ftNew = new FormsAuthenticationTicket(
                ft.Version,
                ft.Name,
                ft.IssueDate,
                ft.Expiration,
                ft.IsPersistent,
                g.ToString(),
                ft.CookiePath);

            ////Store the expiration date and login session ID in Membership
            //loginUser.Comment = "LoginExpiration;" + ft.Expiration + "|LoginSessionID;" + g;
            //Membership.UpdateUser(loginUser);

            ////Re-issue the updated forms authentication ticket
            //Response.Cookies.Remove(FormsAuthentication.FormsCookieName);

            ////Basically clone the original cookie except for the payload
            //var newAuthCookie = new HttpCookie(
            //    FormsAuthentication.FormsCookieName,
            //    FormsAuthentication.Encrypt(ftNew));

            ////Re-use the cookie settings from forms authentication
            //newAuthCookie.HttpOnly = c.HttpOnly;
            //newAuthCookie.Path = c.Path;
            //newAuthCookie.Secure = c.Secure;
            //newAuthCookie.Domain = c.Domain;
            //newAuthCookie.Expires = c.Expires;

            ////And set it back in the response
            //Response.Cookies.Add(newAuthCookie);
        }

        protected void LoginStatus_LoggingIn(object sender, LoginCancelEventArgs e)
        {
            //if (loginUser == null)
            //{
            //    var lgnMain = ((Login)LoginView1.FindControl("LoginStatus"));
            //    string username = lgnMain.UserName;

            //    loginUser = Membership.GetUser(username);
            //}


            //Only need to check if the user instance already has login information
            //stored in the Comment field.
            //if ((!Equals(loginUser, null)))
            //    if ((!String.IsNullOrEmpty(loginUser.Comment)) && loginUser.Comment.Contains("LoginExpiration"))
            //    {
            //        string currentExpirationString = loginUser.Comment.Split("|".ToCharArray())[0];
            //        DateTime currentExpiration = DateTime.Parse((currentExpirationString.Split(";".ToCharArray()))[1]);


            //        //The user was logged in at some point previously and the login is still
            //        //valid
            //        if (DateTime.Now <= currentExpiration)
            //        {
            //            e.Cancel = true;
            //            var tx = (Literal) LoginView1.FindControl("FailureText");
            //            ScriptManager.RegisterStartupScript(Page, GetType(), "message",
            //                                                "alert('You are already logged in. You are being logged out!');",
            //                                                true);
            //        }
            //    }

        }
    }

}

Open in new window

0
mathieu_cupryk
Asked:
mathieu_cupryk
  • 4
  • 3
1 Solution
 
five22bagsCommented:
Can you paste the relevant web.config nodes that handle your security? If there is any sensitive information in there, please scrub it for your own protection.
0
 
mathieu_cuprykAuthor Commented:
<?xml version="1.0"?><configuration>



  <configSections>
    <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler,log4net" />
    <section name="OmegaLove" type="OmegaLove.OmegaLoveSection, __code" />

    <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
      <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
        <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
        <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
          <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" />
          <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
          <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
          <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" />
        </sectionGroup>
      </sectionGroup>
    </sectionGroup>
  </configSections>

  <appSettings>
    <add key="pagetitle" value="OmegaLove Version 1.0"></add>
    <add key="sitelogo" value="omegalovelogo.jpg"></add>
    <add key="webmasteremail" value="webmaster@omegalove.com"></add>
    <add key="advertiseemail" value="sales@omegalove.com"></add>
    <add key="adminrolename" value="admin"></add>
    <add key="adminfolder" value="admin"></add>
    <add key="imagefolder" value="images"></add>
    <add key="ConnStr" value="Server=72.18.146.251,1533;Database=omegalove;Persist Security Info=True;User ID=administrator;Password=******************" />
    <add key="LogName" value="EmpostErrLog" />
    <!-- after initial installation its a good idea to set this to false. If you sign in as admin before doing upgrades you can leave this as false.-->
    <add key="DisableSetup" value="false" />
    <add key="ShowConnectionErrorOnSetup" value="true" />
    <!-- ******* global security settings -->
    <add key="EnableOpenIDAuthentication" value="true" />
    <add key="EnableWindowsLiveAuthentication" value="true" />
    <add key="AllowPersistentLoginCookie" value="true" />
    <add key="AllowPasswordFormatChange" value="true" />
    <add key="SSLIsAvailable" value="false" />
    <add key="MaskPasswordsInUserAdmin" value="true" />
    <!-- Default to All Users role, i.e public pages by default -->
    <add key="DefaultPageRoles" value="All Users" />
    <add key="AllowUserProfilePage" value="true" />
    <add key="AllowUserThreadBrowsing" value="true" />
    <add key="NotifyAdminsOnNewUserRegistration" value="false" />
    <add key="RolesThatCanViewMemberList" value="Authenticated Users" />
    <add key="RolesThatCanViewMyPage" value="All Users" />
    <add key="EnableLogViewer" value="true" />
    <add key="ShowRebuildSearchIndexButtonToAdmins" value="false" />
    <add key="ShowForumPostsInMemberList" value="true" />
    <!-- this should generally be false on public sites but on an intranet you may wish to show the user email -->
    <add key="ShowEmailInMemberList" value="false" />
    <add key="ShowLoginNameInMemberList" value="false" />
    <add key="ShowUserIDInMemberList" value="false" />
    <add key="RolesThatCanUploadAndBrowse" value="Admins;Members" />
    <!-- you should not change this unless you implemented your own custom login page -->
    <add key="LoginPageRelativeUrl" value="/Secure/Home.aspx" />
    <add key="UseCultureOverride" value="false" />
    <add key="DefaultCountry" value="US" />
    <add key="EnableNewsletter" value="true" />
    <add key="MemberListPageSize" value="20" />
    <add key="SearchResultsPageSize" value="10" />

    <add key="YUIDefaultSkinFolder" value="sam" />
    <add key="YUIDefaultSkinClass" value="yui-skin-sam" />
    <add key="DisableYUI" value="false" />

    <!--  
    if you have a low traffic site (if 20 minutes may go by between requests for pages)
    then what happens is the application pool shuts down the web application after 20 minutes
    goes by with no request for any pages.
    Then when you get a new request all the JIT compilation must happen again
    and this causes a slow response.
    You can mitigate this for a slow site by setting this to true. A background thread will be spawned that
    makes a request to the site often enough to keep the application pool from shutting down the application
    due to lack of traffic.
    For sites that are getting enough traffic its best to leave this as false.
    -->
    <add key="UseAppKeepAlive" value="false" />
    <add key="GetAlphaPagerCharsFromResourceFile" value="false" />
    <add key="AlphaPagerChars" value="ABCDEFGHIJKLMNOPQRSTUVWXYZ" />
    <add key="CombineCSS" value="true" />
    <add key="MinifyCSS" value="true" />
    <add key="CacheCssOnServer" value="true" />
    <add key="CacheCssInBrowser" value="true" />
    <add key="Telerik.Skin" value="Web20" />
  </appSettings>

  <OmegaLove defaultConnectionStringName="LocalSqlServer">
    <contactForm mailTo="webmaster@omegalove.com" />
  </OmegaLove>

  <connectionStrings>
    <remove name="LocalSqlServer" />
    <add name="LocalSqlServer" connectionString="Data Source=72.18.146.251,1533;Initial Catalog=dbaspnet;Persist Security Info=True;User ID=adminaspnet;Password=******************" providerName="System.Data.SqlClient" />
    <add name="omegaloveConnectionString" connectionString="Data Source=72.18.146.251,1533;Initial Catalog=omegalove;Persist Security Info=True;User ID=administrator;Password=******************" providerName="System.Data.SqlClient" />
    <add name="dbaspnetConnectionString" connectionString="Data Source=72.18.146.251,1533;Initial Catalog=dbaspnet;Persist Security Info=True;User ID=adminaspnet;Password=******************" providerName="System.Data.SqlClient" />
  </connectionStrings>


  <location path="Telerik.Web.UI.WebResource.axd">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

  <system.web>
    <trace enabled="true"/>

    <!-- maxRequestLength: the limit for the input stream buffering threshold, in KB.
            The value 1048576 is for 1 GB (1024 x 1024 KB).
            executionTimeout: Specifies the maximum number of seconds -->
    <httpRuntime maxRequestLength="2097151" />

    <globalization fileEncoding="utf-8" requestEncoding="utf-8" responseEncoding="utf-8" culture="en-US" uiCulture="en-US" />

    <!--
                  Set compilation debug="true" to insert debugging
                  symbols into the compiled page. Because this
                  affects performance, set this value to true only
                  during development.
            -->
    <compilation debug="true" defaultLanguage="c#">
      <assemblies>
        <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
        <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
        <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
                    <add assembly="System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
                        <add assembly="System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
                        <add assembly="System.Drawing.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" /></assemblies>
    </compilation>
    <!--
            The <authentication> section enables configuration
            of the security authentication mode used by
            ASP.NET to identify an incoming user.
        -->
    <!--<authentication mode="Forms">
          <forms loginUrl="Login.aspx" />
      </authentication>
      <authorization>
          <deny users="?"/>
      </authorization>-->

    <!--
                  The <authentication> section enables configuration
                  of the security authentication mode used by
                  ASP.NET to identify an incoming user.
            -->
    <authentication mode="Forms">
      <forms loginUrl="~/Secure/Home.aspx" defaultUrl="~/Secure/UserProfile.aspx" name=".ASPXFORMSAUTH" protection="All" timeout="60000" slidingExpiration="true" />
    </authentication>
    <authorization>
      <allow users="*" />
      <deny users="?" />
    </authorization>

    <machineKey validationKey="287C5D125D6B7E7223E1F719E3D58D17BB967703017E1BBE28618FAC6C4501E910C7E59800B5D4C2EDD5B0ED98874A3E952D60BAF260D9D374A74C76CB741803" decryptionKey="5C1D8BD9DF3E1B4E1D01132F234266616E0D5EF772FE80AB" validation="SHA1" />



    <sessionState cookieless="AutoDetect" />
    <anonymousIdentification cookieless="AutoDetect" enabled="true" />

    <!--<roleManager enabled="true" cacheRolesInCookie="true" cookieName="OLROLES" defaultProvider="OL_RoleProvider">
      <providers>
        <add connectionStringName="LocalSqlServer" applicationName="/" name="OL_RoleProvider" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
      </providers>
    </roleManager>-->


    <membership defaultProvider="OL_MembershipProvider" userIsOnlineTimeWindow="40">
      <providers>
        <add name="OL_MembershipProvider" connectionStringName="LocalSqlServer"
             applicationName="/" enablePasswordRetrieval="true" enablePasswordReset="true"
             requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Encrypted"
             maxInvalidPasswordAttempts="5" passwordAttemptWindow="10" minRequiredPasswordLength="5"
             minRequiredNonalphanumericCharacters="0"
             type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </membership>

    <!--<profile defaultProvider="OL_ProfileProvider">
      <providers>
        <clear />
        <add name="OL_ProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="LocalSqlServer" applicationName="/" />
      </providers>
      <properties>
        <add name="Address" type="OmegaLove.BLL.Address"/>
        <add name="Personal" type="OmegaLove.BLL.Personal"/>
        <add name="Preferences" type="OmegaLove.BLL.Preferences"/>
      </properties>
    </profile>-->

    <profile defaultProvider="OmegaLoveProfileProvider" inherits="OmegaLove.BLL.CustomProfile">
      <providers>
        <add name="OmegaLoveProfileProvider" type="System.Web.Profile.SqlProfileProvider" applicationName="/" connectionStringName="LocalSqlServer" />
      </providers>
    </profile>


    <!--<profile defaultProvider="OL_ProfileProvider">
      <providers>
        <add name="OL_ProfileProvider" connectionStringName="LocalSqlServer" applicationName="/" type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
      </providers>
      <properties>
        <group name="Personal">
          <add name="UserName" type="System.String" />
          <add name="Password" type="System.String" />
          <add name="Email" type="System.String" />
          <add name="FirstName" type="System.String" />
          <add name="LastName" type="System.String" />
          <add name="DOB" type="System.DateTime" />
          <add name="Age" type="System.Int32" />
          <add name="Gender" type="System.String" />
          <add name="Seeking" type="System.String" />
          <add name="Country" type="System.String" />
          <add name="Region" type="System.String" />
          <add name="City" type="System.String" />
          <add name="ZipCode" type="System.String" />
          <add name="ConfirmationGUID" type="System.String" />
          <add name="UserIP" type="System.String" />
          <add name="SessionID" type="System.String" />
        </group>
        <group name="Address">
          <add name="Country" type="System.String" />
          <add name="Region" type="System.String" />
          <add name="City" type="System.String" />
          <add name="ZipCode" type="System.String" />
        </group>
        <group name="Preferences">
          <add name="Theme" type="String" allowAnonymous="false" />
          <add name="Culture" type="String" defaultValue="en-US" />
        </group>
      </properties>
    </profile>-->

    <webParts enableExport="true">
      <personalization defaultProvider="OL_PersonalizationProvider">
        <providers>
          <add name="OL_PersonalizationProvider" connectionStringName="LocalSqlServer" type="System.Web.UI.WebControls.WebParts.SqlPersonalizationProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
        </providers>
        <authorization>
          <allow roles="All" verbs="enterSharedScope" />
        </authorization>
      </personalization>
    </webParts>

    <pages>
      <namespaces>
        <add namespace="System.Globalization" />
        <!--<add namespace="OmegaLove.Web.Controls" />-->
      </namespaces>
      <controls>
        <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add tagPrefix="OmegaLove" tagName="ctrlLogin" src="~/Controls/ctrlLogin.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlLogo" src="~/Controls/ctrlLogo.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlFooter" src="~/Controls/ctrlFooter.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlHeaderMenu" src="~/Controls/ctrlHeaderMenu.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlLeftNavigationMenu" src="~/Controls/ctrlLeftNavigationMenu.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlUserProfile" src="~/Controls/ctrlUserProfile.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlBreadCrumb" src="~/Controls/ctrlBreadCrumb.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlWorkFlowButton" src="~/Controls/ctrlWorkFlowButton.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlCurrentUser" src="~/Controls/ctrlCurrentUser.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlHome" src="~/Controls/ctrlHome.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlAboutUs" src="~/Controls/ctrlAboutUs.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlContactUs" src="~/Controls/ctrlContactUs.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlInfoBlock" src="~/Controls/ctrlInfoBlock.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlSiteTreeView" src="~/Controls/ctrlSiteTreeView.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlRegistered" src="~/Controls/ctrlRegistered.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlRegister" src="~/Controls/ctrlRegister.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlActivate" src="~/Controls/ctrlActivate.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlUserProfile" src="~/Controls/ctrlUserProfile.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlAgreement" src="~/Controls/ctrlAgreement.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlTopBanner" src="~/Controls/ctrlTopBanner.ascx" />
        <add tagPrefix="OmegaLove" tagName="ctrlComingSoon" src="~/Controls/ctrlComingSoon.ascx" />
        <add assembly="YUIAspNet" namespace="YUIAspNet" tagPrefix="yui" />
        <add tagPrefix="telerik" namespace="Telerik.Web.UI" assembly="Telerik.Web.UI" />
        <add tagPrefix="OmegaLove" namespace="OmegaLove.Validators" assembly="OmegaLove.Validators" />
        <add tagPrefix="OmegaLove" namespace="OmegaLove.DatePicker" assembly="OmegaLove.DatePicker" />

      </controls>
    </pages>

    <!--
                  The <customErrors> section enables configuration
                  of what to do if/when an unhandled error occurs
                  during the execution of a request. Specifically,
                  it enables developers to configure html error pages
                  to be displayed in place of a error stack trace.
            -->

    <customErrors defaultRedirect="" mode="Off">
      <error statusCode="404" redirect="~/Error.aspx?code=404" />
      <error statusCode="408" redirect="~/Error.aspx?code=408" />
      <error statusCode="505" redirect="~/Error.aspx?code=505" />
    </customErrors>

    <!--
                  The <customErrors> section enables configuration
                  of what to do if/when an unhandled error occurs
                  during the execution of a request. Specifically,
                  it enables developers to configure html error pages
                  to be displayed in place of a error stack trace.

            <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
                  <error statusCode="403" redirect="NoAccess.htm" />
                  <error statusCode="404" redirect="FileNotFound.htm" />
            </customErrors>
            -->
    <httpHandlers>
      <remove verb="*" path="*.asmx" />
      <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false" />
      <add path="ChartImage.axd" type="Telerik.Web.UI.ChartHttpHandler" verb="*" validate="false" />
      <add path="Telerik.Web.UI.SpellCheckHandler.axd" type="Telerik.Web.UI.SpellCheckHandler" verb="*" validate="false" />
      <add path="Telerik.Web.UI.DialogHandler.aspx" type="Telerik.Web.UI.DialogHandler" verb="*" validate="false" />
      <add path="Telerik.RadUploadProgressHandler.ashx" type="Telerik.Web.UI.RadUploadProgressHandler" verb="*" validate="false" />
      <add path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource" verb="*" validate="false" />


    </httpHandlers>
    <httpModules>
      <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      <add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule" />
      <add name="RadCompression" type="Telerik.Web.UI.RadCompression" />
    </httpModules>
   
   
  </system.web>

  <system.codedom>
    <compilers>
      <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
        <providerOption name="CompilerVersion" value="v3.5" />
        <providerOption name="WarnAsError" value="false" />
      </compiler>
      <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
        <providerOption name="CompilerVersion" value="v3.5" />
        <providerOption name="OptionInfer" value="true" />
        <providerOption name="WarnAsError" value="false" />
      </compiler>
    </compilers>
  </system.codedom>

  <system.web.extensions>
    <scripting>
      <webServices>
        <jsonSerialization maxJsonLength="50000000" />
        <authenticationService enabled="true" requireSSL="false" />
      </webServices>
      <scriptResourceHandler enableCompression="true" enableCaching="true" />
    </scripting>
  </system.web.extensions>
  <!--
        The system.webServer section is required for running ASP.NET AJAX under Internet
        Information Services 7.0.  It is not necessary for previous version of IIS.
    -->
  <system.webServer>
    <validation validateIntegratedModeConfiguration="false" />
    <modules>
      <remove name="ScriptModule" />
      <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      <add name="RadUploadModule" type="Telerik.Web.UI.RadUploadHttpModule" />
      <add name="RadCompression" type="Telerik.Web.UI.RadCompression" />
     
     
    </modules>
    <handlers>
      <remove name="WebServiceHandlerFactory-Integrated" />
      <remove name="ScriptHandlerFactory" />
      <remove name="ScriptHandlerFactoryAppServices" />
      <remove name="ScriptResource" />
      <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      <add name="ChartImage_axd" path="ChartImage.axd" type="Telerik.Web.UI.ChartHttpHandler" verb="*" preCondition="integratedMode,runtimeVersionv2.0" />
      <add name="Telerik_Web_UI_SpellCheckHandler_axd" path="Telerik.Web.UI.SpellCheckHandler.axd" type="Telerik.Web.UI.SpellCheckHandler" verb="*" preCondition="integratedMode,runtimeVersionv2.0" />
      <add name="Telerik_Web_UI_DialogHandler_aspx" path="Telerik.Web.UI.DialogHandler.aspx" type="Telerik.Web.UI.DialogHandler" verb="*" preCondition="integratedMode,runtimeVersionv2.0" />
      <add name="Telerik_RadUploadProgressHandler_ashx" path="Telerik.RadUploadProgressHandler.ashx" type="Telerik.Web.UI.RadUploadProgressHandler" verb="*" preCondition="integratedMode,runtimeVersionv2.0" />
      <add name="Telerik_Web_UI_WebResource_axd" path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource" verb="*" preCondition="integratedMode,runtimeVersionv2.0" />
    </handlers>
  <security>
    <requestFiltering>
      <requestLimits maxAllowedContentLength="1048576" />
      <requestLimits maxAllowedContentLength="2147482624" /></requestFiltering></security>
  </system.webServer>

  <system.net>
    <mailSettings>
      <smtp from="webmaster@omegalove.com">
        <network host="mail.omegalove.com" password="******************" userName="webmaster@omegalove.com" />
      </smtp>
    </mailSettings>
  </system.net>


  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>

</configuration>
0
 
Maheshwar RSoftware DeveloperCommented:
i think the problem lies in the following code
  <forms loginUrl="~/Secure/Home.aspx" defaultUrl="~/Secure/UserProfile.aspx" name=".ASPXFORMSAUTH" protection="All" timeout="60000" slidingExpiration="true" />
    </authentication>
    <authorization>
      <allow users="*" />
      <deny users="?" />
    </authorization>

if u want to be the login page after logout change the default url field
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
mathieu_cuprykAuthor Commented:
k
0
 
mathieu_cuprykAuthor Commented:
where should I set the url where the person logs in.
0
 
Maheshwar RSoftware DeveloperCommented:
in here in the line of code
<forms loginUrl="~/Secure/Home.aspx" defaultUrl="~/Secure/UserProfile.aspx"

change the login url field
0
 
mathieu_cuprykAuthor Commented:
Sometimes when I reopen the application it remembers the user is still login.
How do I get rid of that.
0
 
Maheshwar RSoftware DeveloperCommented:
check that when u login see that "remember me " options not selected..
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now