Problem with "Logout" in ASP.NET
I'm having problem with LOGOUT in ASP.NET.
When I click on LOGOUT button it goes to Login Page but if I click on back button on my browser, it redirects to previous page and I can access all the pages.
How can I end the session so that even if I click back button, it'll go to login page?
I'm using Visual Studio 2008, C#.
When I click on LOGOUT button it goes to Login Page but if I click on back button on my browser, it redirects to previous page and I can access all the pages.
How can I end the session so that even if I click back button, it'll go to login page?
I'm using Visual Studio 2008, C#.
Logout
----------
public partial class Logout : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
//Session.Clear();
//Session.Abandon();
FormsAuthentication.SignOut();
Response.Redirect("~/Default.aspx", true);
//FormsAuthentication.RedirectToLoginPage();
}
}
Login Control:
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
public partial class Control_Login : System.Web.UI.UserControl
{
private UserMembershipProvider UserMembership = new UserMembershipProvider();
private RoleProvider roleProvider = new RoleProvider();
protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
if (Request.Cookies["CapProSoft_RememberMe"] != null)
{
UserName.Text = (Request.Cookies["CapProSoft_RememberMe"]["UserInfo"]);
}
}
}
protected void LoginButton_Click(object sender, EventArgs e)
{
try
{
if (UserMembership.ValidateUser(UserName.Text, Password.Text))
{
SetUserIdentity(UserName.Text.Trim());
Session["UserType"] = UserMembership.StrUserType;
string[] temp = roleProvider.GetRolesForUser(UserName.Text);
string roles = "";
roles += UserMembership.GetUsersDistrict(UserName.Text);
roles += "|";
roles += String.Join(",", temp);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
UserName.Text,
DateTime.Now,
DateTime.Now.AddMinutes(30), // value of time out property
RememberMe.Checked, // Value of IsPersistent property
roles,
FormsAuthentication.FormsCookiePath);
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie authCookie = new HttpCookie(
FormsAuthentication.FormsCookieName,
encryptedTicket);
Response.Cookies.Add(authCookie);
if (RememberMe.Checked)
{
Response.Cookies.Remove("CapProSoft_RememberMe"); //This will remove previous cookie
HttpCookie myCookie = new HttpCookie("CapProSoft_RememberMe"); //new cookie object
Response.Cookies.Add(myCookie); //This will create new cookie
myCookie.Values.Add("UserInfo", UserName.Text); //Add User Name
DateTime CookieExpir = DateTime.Now.AddDays(60); //Cookie life
Response.Cookies["CapProSoft_RememberMe"].Expires = CookieExpir; //Maximum day of cookie's life
}
if (UserMembership.GetPasswordChange(UserName.Text))
{
Response.Redirect("~/Components/ChangePassword.aspx", true);
}
string strRedirect;
strRedirect = Request["ReturnUrl"];
if (strRedirect == null)
strRedirect = "~/Components/Home.aspx";
Response.Redirect(strRedirect, true);
}
else
Response.Redirect("~/Default.aspx", true);
}
catch (Exception ex)
{
Response.Write(ex.Message.ToString());
}
}
private User SetUserIdentity(string strUserEmail)
{
User MyIdentity = new User();
MyIdentity = UserMembership.GetUSerDetails(strUserEmail);
Session["MyIdentity"] = MyIdentity;
return MyIdentity;
}
}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.