Search:   Namespaces Discussions .NET v1.1 Feedback

Session problem Messages   Related Types This message was discovered on microsoft.public.dotnet.faqs. Post a new message to this list... Stephen HI, I have created an application that has a logout.aspx page. here I clear the session variables and redirect the user to the login page, but if I dont close the brower and hit the "back" button. the user is directed to the old pages. How do i avoid this? Please advice, Stephen Reply to this message...        x Taking the code from the IBUYSPY portal's admin/logoff.aspx.cs code-behind private void Page_Load(object sender, System.EventArgs e) { // Log User Off from Cookie Authentication System FormsAuthentication.SignOut(); // Invalidate roles token Response.Cookies["portalroles"].Value = null; Response.Cookies["portalroles"].Expires = new System.DateTime(1999, 10, 12); Response.Cookies["portalroles"].Path = "/"; // Redirect user back to the Portal Home Page Response.Redirect(Request.ApplicationPath); } Key points: 1.. logout 2.. invalidate the authentication cookie(s) and session variables 3.. and redirect to a page to prevent the back button from going to a previous page This wil not prevent someone to navigate to a cached page in their history, so check for authentication on each page where it is necessary "Stephen" <Click here to reveal e-mail address> wrote in message news:Click here to reveal e-mail address... [Original message clipped] Reply to this message...        R.Balaji Hi, On the page load event of each page, check for the session variables. If the session variable is empty, then redirect the page to the login page. eg) private void Page_Load(object sender, System.EventArgs e) { if (Session["User_Id"].ToString().Trim().Equals(string.Empty)){ Response.Redirect("Login.aspx?Msg=Session expired. Please login again."); } } Regards, R.Balaji "Stephen" <Click here to reveal e-mail address> wrote in message news:Click here to reveal e-mail address... [Original message clipped] Reply to this message...     System.DateTime System.EventArgs System.Web.Security.FormsAuthentication Ad MBR BootFX Best-of-breed application framework for .NET projects, developed by Matthew Baxter-Reynolds and MBR IT

Copyright © Matthew Baxter-Reynolds 2001-2008. '.NET 247 Software Development Services' is a trading style of MBR IT Solutions Ltd. Contact Us - Terms of Use - Privacy Policy - www.dotnet247.com