Problems with FormsAuthentication.SignOut()

X

xiko tripa

Hi all

I've implemented a login using Active Directory authentication, I mean
the user
must be an Active Directory domain user on our network and should be
login on the web site through aspx web page.

I did everything as MSDN article in
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp

But I'm having problems to get the user logged off. I've tryied remove
cookie, I've tryied FormsAuthentication.SignOut() method, even
Session.Abandon(), but I got no success anyway.

Somebody could gimme some idea?

thanks in advance.
 
M

Martin Dechev

Try to delete the cookie manually:

cookie1 = Context.Request.Cookies[cookieName];
cookie1.Expires = new DateTime(1990, 1, 1);
Context.Response.Cookies.Add(cookie1);

Greetings
Martin
 
X

XikoTripa

I've tryed in a different way

I removed the Cookie using

context.Response.Cookies.Remove(cookieName);

I'll try tomorroy morning using the code you posted and let you know.

thanks.



Martin said:
Try to delete the cookie manually:

cookie1 = Context.Request.Cookies[cookieName];
cookie1.Expires = new DateTime(1990, 1, 1);
Context.Response.Cookies.Add(cookie1);

Greetings
Martin
Hi all

I've implemented a login using Active Directory authentication, I mean
the user
must be an Active Directory domain user on our network and should be
login on the web site through aspx web page.

I did everything as MSDN article in

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp

But I'm having problems to get the user logged off. I've tryied remove
cookie, I've tryied FormsAuthentication.SignOut() method, even
Session.Abandon(), but I got no success anyway.

Somebody could gimme some idea?

thanks in advance.
 
M

Martin Dechev

You cant' remove the cookie from the user's PC,
context.Response.Cookies.Remove(cookieName) removes the cookie from the
collection which is on the server only. What you can do is set the
expiration to a date in the past and the browser will remove the cookie from
the clients cookie cache. See:

http://msdn.microsoft.com/library/en-us/dv_vstechart/html/vbtchASPNETCookies101.asp

Greetings
Martin
XikoTripa said:
I've tryed in a different way

I removed the Cookie using

context.Response.Cookies.Remove(cookieName);

I'll try tomorroy morning using the code you posted and let you know.

thanks.



Martin said:
Try to delete the cookie manually:

cookie1 = Context.Request.Cookies[cookieName];
cookie1.Expires = new DateTime(1990, 1, 1);
Context.Response.Cookies.Add(cookie1);

Greetings
Martin
Hi all

I've implemented a login using Active Directory authentication, I mean
the user
must be an Active Directory domain user on our network and should be
login on the web site through aspx web page.

I did everything as MSDN article in

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp
But I'm having problems to get the user logged off. I've tryied remove
cookie, I've tryied FormsAuthentication.SignOut() method, even
Session.Abandon(), but I got no success anyway.

Somebody could gimme some idea?

thanks in advance.
 
X

xiko tripa

Martin

no way, I've tried since Session.Abandon() through
Response.Cookies.Remove(<cookie name>) with no success at all.

I've google'd a littile and found some others suggestions but all of
them with the same result (I mean no result)

I'm thinking about using another authentication schema, 'cause I1m
afraid this will not work when moved to production site.



XikoTripa said:
I've tryed in a different way

I removed the Cookie using

context.Response.Cookies.Remove(cookieName);

I'll try tomorroy morning using the code you posted and let you know.

thanks.



Martin said:
Try to delete the cookie manually:

cookie1 = Context.Request.Cookies[cookieName];
cookie1.Expires = new DateTime(1990, 1, 1);
Context.Response.Cookies.Add(cookie1);

Greetings
Martin
Hi all

I've implemented a login using Active Directory authentication, I mean
the user
must be an Active Directory domain user on our network and should be
login on the web site through aspx web page.

I did everything as MSDN article in

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp

But I'm having problems to get the user logged off. I've tryied remove
cookie, I've tryied FormsAuthentication.SignOut() method, even
Session.Abandon(), but I got no success anyway.

Somebody could gimme some idea?

thanks in advance.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top