Kill session / force sign out

[Mohammad Samara]

Hello everyone,

Is it possible to kill the Application session on website leave event? i.e
using "FormsAuthentication.SignOut()" when changing the web site by entering
a different domain name in the address bar on Internet explorer.

Thanks.

 

[Mark Fitzpatrick]

No. The reason is, the server never knows when a user leaves. The connection
to the server is disconnected the moment the last item in a page is
downloaded (in the case of http 1.1 that is, in http 1.0 a seperate
connection is opened/closed for the page as well as each and every item in
the page). There is no constant connection so the server can't know where
the client browser is going to if it isn't hitting pages on the server. The
cookie that is used for the forms authentication will expire anyways though
either when the timeout is reached.

Hope this helps,
Mark Fitzpatrick
Microsoft MVP- FrontPage