Working on a new project that's web forms.
I log in, see whatever first page is and there's a log out button. I click "logout" and I get logged out and redirected to the login page. So far so good.
Now, I'm on the login page. I click the back button and I see the first page. I shouldn't tho
. It's the user wasn't actually logged out.
Similar issue here but no solution Similar issue
I checked these
<forms name="DVAuth" path="/" loginUrl="user/login.aspx" protection="All" timeout="30" />
<deny users="?" />
Logout code looks like this
protected void Page_Load( object sender, EventArgs e )
var userAccountVo = (UserAccountVO)Session["UserAccount"];
var ssoLogoutUrl = GetSSOLogoutUrl(userAccountVo);
// Put user code to initialize the page here
Session["UserAccount"] = null;
Response.Cookies.Remove( "DVAuth" );
var c = new HttpCookie( "DVAuth" )
Expires = DateTime.Now.AddYears( -1 )
// c.Path = "/dvweb";
Response.Cookies.Add( c );
if ( !string.IsNullOrWhiteSpace( ssoLogoutUrl ))
Response.Redirect( ssoLogoutUrl );
Response.Redirect( "~/user/login.aspx" );
I did try Session.Clear()
but I was still able to click back on the browser and get to the first page.
What else can I check?