SignOut() doesnt work??

Hi all,

At the logoff page from our website i do following:
 Session.Clear()
 Session.Abandon()
 FormsAuthentication.SignOut()

But the user isnt Signed out at all,
when i read the membership.GetUser ill get the providerkey back of the person who is trying to logoff  (Response.Write(Membership.GetUser().ProviderUserKey.ToString()))

Am i missing something??

Tia,
paulleyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

quizwedgeCommented:
I don't know so much from experience, but this may help you out: http://stackoverflow.com/questions/412300/formsauthentication-signout-does-not-log-the-user-out
0
paulleyAuthor Commented:
@quizwedge: tried that one already without success :(

must say: I'm using cross-side logins
Im loggin on at domainA.mysite.com than i move to account.mysite.com, at this point im loggin off
the return url is presented (domainA.mysite.com/login.aspx) and at that point of time the Membership.GetUser() is returning te currently logged off user
0
quizwedgeCommented:
Are you trying to log off of domainA.mysite.com from account.mysite.com? I don't have an answer, at least yet, for that, but just trying to clarify for anyone else that comes across this question.
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

paulleyAuthor Commented:
Thank you,


Yes, im sharing the login session betweeen both sites, therefor ive enabled crosssite login in the web.config.

So it can be possible that a user Logs in on the domainA site, moves to the account.mysite.com part, does his accounting thing, and logs off in that site.

Hope this is clear :D
0
quizwedgeCommented:
About to head to bed, but wanted to throw out one more suggestion. Since you're doing cross-site stuff anyway, what about a page at domaina.mysite.com that you can call from account.mysite.com? Basically, ignore the advice in this article so that you can do cross-site requests: http://www.codinghorror.com/blog/2008/09/cross-site-request-forgeries-and-you.html

Would reducing the ticket lifetime help? It still wouldn't be an immediate logout, but you could set it to 1 minute. http://msdn.microsoft.com/en-us/library/ff648341.aspx

Finally, there are some suggestions at http://stackoverflow.com/questions/612488/logoff-button-iis6-asp-net-basic-authentication for which I'm currently too tired to figure out if they apply or not. They might, so I'm including them. :)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
paulleyAuthor Commented:
Problem still exist. looking for workaround.
Thanx for the replies
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP.NET

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.