Kill session / force sign out

  • Thread starter Thread starter Mohammad Samara
  • Start date Start date
M

Mohammad Samara

Hello everyone,

Is it possible to kill the Application session on website leave event? i.e
using "FormsAuthentication.SignOut()" when changing the web site by entering
a different domain name in the address bar on Internet explorer.

Thanks.
 
No. The reason is, the server never knows when a user leaves. The connection
to the server is disconnected the moment the last item in a page is
downloaded (in the case of http 1.1 that is, in http 1.0 a seperate
connection is opened/closed for the page as well as each and every item in
the page). There is no constant connection so the server can't know where
the client browser is going to if it isn't hitting pages on the server. The
cookie that is used for the forms authentication will expire anyways though
either when the timeout is reached.

Hope this helps,
Mark Fitzpatrick
Microsoft MVP- FrontPage
 
You must log in or register to reply here.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Forms Authentication Problem: Session expired, pages can still be visited. 1
accessing another user's session state 6
Multiple sessions and forms-based authentication 5
A way to kill Session user(only one session), solutions... 2
One client can't login to our site 6
Clean the session history after logging out 1
How to Maintain Sessions between applications 5
Maintaining Session between 2 sites 1

Back
Top