Problems with FormsAuthentication.SignOut()

  • Thread starter Thread starter xiko tripa
  • Start date Start date
X

xiko tripa

Hi all

I've implemented a login using Active Directory authentication, I mean
the user
must be an Active Directory domain user on our network and should be
login on the web site through aspx web page.

I did everything as MSDN article in
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp

But I'm having problems to get the user logged off. I've tryied remove
cookie, I've tryied FormsAuthentication.SignOut() method, even
Session.Abandon(), but I got no success anyway.

Somebody could gimme some idea?

thanks in advance.
 
Try to delete the cookie manually:

cookie1 = Context.Request.Cookies[cookieName];
cookie1.Expires = new DateTime(1990, 1, 1);
Context.Response.Cookies.Add(cookie1);

Greetings
Martin
 
I've tryed in a different way

I removed the Cookie using

context.Response.Cookies.Remove(cookieName);

I'll try tomorroy morning using the code you posted and let you know.

thanks.



Martin said:
Try to delete the cookie manually:

cookie1 = Context.Request.Cookies[cookieName];
cookie1.Expires = new DateTime(1990, 1, 1);
Context.Response.Cookies.Add(cookie1);

Greetings
Martin
Hi all

I've implemented a login using Active Directory authentication, I mean
the user
must be an Active Directory domain user on our network and should be
login on the web site through aspx web page.

I did everything as MSDN article in

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp

But I'm having problems to get the user logged off. I've tryied remove
cookie, I've tryied FormsAuthentication.SignOut() method, even
Session.Abandon(), but I got no success anyway.

Somebody could gimme some idea?

thanks in advance.
Click to expand...
Click to expand...
 
You cant' remove the cookie from the user's PC,
context.Response.Cookies.Remove(cookieName) removes the cookie from the
collection which is on the server only. What you can do is set the
expiration to a date in the past and the browser will remove the cookie from
the clients cookie cache. See:

http://msdn.microsoft.com/library/en-us/dv_vstechart/html/vbtchASPNETCookies101.asp

Greetings
Martin
XikoTripa said:
I've tryed in a different way

I removed the Cookie using

context.Response.Cookies.Remove(cookieName);

I'll try tomorroy morning using the code you posted and let you know.

thanks.



Martin said:
Try to delete the cookie manually:

cookie1 = Context.Request.Cookies[cookieName];
cookie1.Expires = new DateTime(1990, 1, 1);
Context.Response.Cookies.Add(cookie1);

Greetings
Martin
Hi all

I've implemented a login using Active Directory authentication, I mean
the user
must be an Active Directory domain user on our network and should be
login on the web site through aspx web page.

I did everything as MSDN article in
Click to expand...

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp
But I'm having problems to get the user logged off. I've tryied remove
cookie, I've tryied FormsAuthentication.SignOut() method, even
Session.Abandon(), but I got no success anyway.

Somebody could gimme some idea?

thanks in advance.
Click to expand...
Click to expand...
Click to expand...
 
Martin

no way, I've tried since Session.Abandon() through
Response.Cookies.Remove(<cookie name>) with no success at all.

I've google'd a littile and found some others suggestions but all of
them with the same result (I mean no result)

I'm thinking about using another authentication schema, 'cause I1m
afraid this will not work when moved to production site.



XikoTripa said:
I've tryed in a different way

I removed the Cookie using

context.Response.Cookies.Remove(cookieName);

I'll try tomorroy morning using the code you posted and let you know.

thanks.



Martin said:
Try to delete the cookie manually:

cookie1 = Context.Request.Cookies[cookieName];
cookie1.Expires = new DateTime(1990, 1, 1);
Context.Response.Cookies.Add(cookie1);

Greetings
Martin
Hi all

I've implemented a login using Active Directory authentication, I mean
the user
must be an Active Directory domain user on our network and should be
login on the web site through aspx web page.

I did everything as MSDN article in

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp

But I'm having problems to get the user logged off. I've tryied remove
cookie, I've tryied FormsAuthentication.SignOut() method, even
Session.Abandon(), but I got no success anyway.

Somebody could gimme some idea?

thanks in advance.
Click to expand...
Click to expand...
Click to expand...
 
Back
Top