info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
What comes after FormsAuthentication.SignOut()?
0 views
Skip to first unread message
IfThenElse
Oct 9, 2007, 12:29:35 PM10/9/07
to
Hi,
I asked this before but not reply, also I asked this in the asp.netSecurtiy
group but the group is in temporary coma no reply for few days.
I am still able to navigate back to secure area even after calling
FormsAuthentication.SignOut().
I asked this before but not reply, also I asked this in the asp.netSecurtiy
group but the group is in temporary coma no reply for few days.
I am still able to navigate back to secure area even after calling
FormsAuthentication.SignOut().
If I exit the browser and come back in it works fine, If I don't exit the
browser then I can still go to secure areas by modifying the url.
Not sure what to do.
help.
Thank you.
bruce barker
Oct 9, 2007, 1:43:30 PM10/9/07
to
depends on if you are in cookie mode or not.
in cookie mode it updates the cookie to not have an authentication cookie.
in cookieleess mode it redirects to the login without the url token.
going back in history in this case might resurrect the login token as
its in the url (it still has an expiration, so its not good forever).
-- bruce (sqlwork.com)
IfThenElse
Oct 9, 2007, 9:38:51 PM10/9/07
to
Bruce,
that is my problem the token is resurrected.
How do I make sure it is completely dead and no chance to resurrection???
Thank you,
"bruce barker" <nos...@nospam.com> wrote in message
news:Otd0yvpC...@TK2MSFTNGP06.phx.gbl...
0 new messages