V
Valmir
Great! Thanks a lot.
--
---------------
Valmir
--
---------------
Valmir
Raterus said:
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
X
xiko tripa
Hi,
I've implemented the forms authentication just like the following msdn
article http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp
(watch out for the line wrap)
Everything is working fine. Once the user is authenticated, he/she can
navigate out to the secure portion of the site and navigate back while
the ticket hasn't expired.
But the world isn't perfect and I was asked to implement a logoff
option. So I think I need to 'kill' the ticket. I've tryied a lot of
things with no success. For example (cookieName is a var containing
the cookie name generated by the FormsAuthenticationTicket object):
Context.Request.Cookies[cookieName].Expires = DateTime.Now;
or
Context.Response.Cookies[cookieName].Value = null;
or
Response.Cookies[CookieName].Expires = DateTime.Now;
or
Response.Cookies[CookieName].Value = "";
or
Response.Cookies.Remove(CookieName);
None of above expired the ticket, disabling the user to navigate back
to the site's secure area.
Any idea?
TIA
Valmir
I've implemented the forms authentication just like the following msdn
article http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp
(watch out for the line wrap)
Everything is working fine. Once the user is authenticated, he/she can
navigate out to the secure portion of the site and navigate back while
the ticket hasn't expired.
But the world isn't perfect and I was asked to implement a logoff
option. So I think I need to 'kill' the ticket. I've tryied a lot of
things with no success. For example (cookieName is a var containing
the cookie name generated by the FormsAuthenticationTicket object):
Context.Request.Cookies[cookieName].Expires = DateTime.Now;
or
Context.Response.Cookies[cookieName].Value = null;
or
Response.Cookies[CookieName].Expires = DateTime.Now;
or
Response.Cookies[CookieName].Value = "";
or
Response.Cookies.Remove(CookieName);
None of above expired the ticket, disabling the user to navigate back
to the site's secure area.
Any idea?
TIA
Valmir
R
Raterus
Tried this?
FormsAuthentication.SignOut()
FormsAuthentication.SignOut()
X
xiko tripa
Raterus said:Tried this?
FormsAuthentication.SignOut()
Sorry! It didn't work... The user's still able to navigate back to
secure area even after calling FormsAuthentication.SignOut() on the
logoff.aspx