Solved

Session Still Working Despite Using Session.Abandon()

Posted on 2013-01-07
6
314 Views
Last Modified: 2013-01-12
Hello guys..

I am using Session.Abandon() to logout from a page called detail.asp and then redirecting to Login.asp. But from login.asp page when I use the same link of detail.asp in the address bar it takes me into the same detail.asp page instead of redirecting back again to login page.

logout.asp
----------------------
session.abandon
response.redirect "login.asp"
0
Comment
Question by:newbie27
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 38750596
Try Session.Contents.Remove("sale") or for all sessions Session.Contents.RemoveAll().  I will typically do this session("myobject")="" first.
0
 
LVL 8

Author Comment

by:newbie27
ID: 38751182
No it didn't work.

From detail.asp page i am calling logut.asp page

logout.asp page cotains the following code

Session.Contents.RemoveAll()
session.abandon
response.redirect "login.asp"

Being in login.asp page, when i paste the detail.asp link in the address bar it takes me to again to details.asp which it should redirect back to login page
0
 
LVL 53

Accepted Solution

by:
Scott Fell,  EE MVE earned 500 total points
ID: 38751249
Can you post your sample script.

This works for me.
Page1.asp
<%
session("login")="xyz"
%>

Page2.asp
<%
Session.Contents.Remove("login")
session.Contents.RemoveAll()
%>

Are you sure the code is being called?
Try this
Session.Contents.Remove("login")
Session.Contents.RemoveAll()
session.abandon
response.write "Login removed."
response.end() 'should stop the page and verify your code is processed.
response.redirect "login.asp"
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 8

Author Comment

by:newbie27
ID: 38753592
Login.asp
-----------------------------------------------------------------
UserName = request.form("UserName")
Password = request.form("Password")

session("UserName") = UserName

After successful login it will redirect to detail.asp page

detail.asp
---------------
Dim sUsername
sUsername = Session("UserName")
If sUsername = "" Then
Response.Redirect("login.asp")
end if
below code will show details with logout option
<a href="logout.asp" style="float:right"><b>LogOut</b></a>

logout.asp
-----------------
<% in this page i also want to clear the cookies, for now just trying to kill the session
'dim Cookie
'For Each Cookie In Response.Cookies
'Response.Cookies(Cookie).Expires = Date() - 1
'Next
'DeleteSession
Session.Contents.Remove("UserName")
Session.Contents.RemoveAll()
session.abandon
response.write "Login removed."
response.end()
response.redirect "login.asp
'end if
%>

when i followed the steps and clicked on the logout link it shows the error of "The page cannot be displayed".

Please advise.
0
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 38753652
Login.asp
<%
'just to make sure default the session to nothing
   session("UserName") =""

'only set the user info if the form is submitted
if request.form("UserName")<>"" then
   UserName = request.form("UserName")
   Password = request.form("Password")
    session("UserName") = UserName
end if
%>

Open in new window

0
 
LVL 8

Author Closing Comment

by:newbie27
ID: 38769968
Thanks, worked like a charm.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we want to have a look at the directory attributes which are used by Microsoft to store the so called Security Identifiers (SID). These SIDs plays an important role in delegating and granting permissions and in authentication of trus…
This script will sweep a range of IP addresses (class c only, 255.255.255.0) and report to a log the version of office installed. What it does: 1.)      Creates log file in the directory the script is run from (if it doesn't already exist) 2.)      Sweep…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question