If I exit the browser and come back in it works fine, If I don't exit the
browser then I can still go to secure areas by modifying the url.
Not sure what to do.
help.
Thank you.
in cookie mode it updates the cookie to not have an authentication cookie.
in cookieleess mode it redirects to the login without the url token.
going back in history in this case might resurrect the login token as
its in the url (it still has an expiration, so its not good forever).
-- bruce (sqlwork.com)
that is my problem the token is resurrected.
How do I make sure it is completely dead and no chance to resurrection???
Thank you,
"bruce barker" <nos...@nospam.com> wrote in message
news:Otd0yvpC...@TK2MSFTNGP06.phx.gbl...