Conditional execution of Signout

Discussion in 'ASP .Net Security' started by mklapp, Feb 3, 2004.

  1. mklapp

    mklapp Guest

    Hello,

    I have a web app with a login page. It all seems to work nicely. The default page redirects to the login, the login redirects to the default(menu) page which has a signout link. If I click the signout link, the cookie is removed.

    However, if I close the browser, the cookie persists (apparently) as when I restart the app, I am taken to the main menu page without logging on.

    The authentication ticket is generated as not persistent with a timeout of 30.

    I would like to put something in the Page_Unload handler to signout if the user has not already done so, but do not want to do it at anyother time (when transferring from the main menu to an App page.) but cannot figure a safe and reliable check.

    Suggestions?

    mklapp
    mklapp, Feb 3, 2004
    #1
    1. Advertising

  2. mklapp

    MSFT Guest

    Hello,

    Thank you for using the community. As I understand, your ASP.NET
    application use Form Authentication and non-persisted cookie. You want to
    SignOut the user once they close the IE window. Is this correct?

    Normmally, we can pust the Formsauthentication.SignOut method in
    SessionTimeOut, and use TimeOut setting of session to determine if the user
    exits the application.

    Luke
    Microsoft Online Support

    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    MSFT, Feb 4, 2004
    #2
    1. Advertising

  3. Hi Mklapp,

    Have you tried to set the cookie's Expires to DateTime.MinValue? This can
    make it a session cookie. It will expires after you close the browser.

    Regards,

    Felix Wu
    =============
    This posting is provided "AS IS" with no warranties, and confers no rights.


    --------------------
    >Thread-Topic: Conditional execution of Signout
    >thread-index: AcPqcnC/Yk88qekDTceDE0Gq1DjSxQ==
    >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    >From: =?Utf-8?B?bWtsYXBw?= <>
    >Subject: Conditional execution of Signout
    >Date: Tue, 3 Feb 2004 08:26:13 -0800
    >Lines: 15
    >Message-ID: <>
    >MIME-Version: 1.0
    >Content-Type: text/plain;
    > charset="Utf-8"
    >Content-Transfer-Encoding: 7bit
    >X-Newsreader: Microsoft CDO for Windows 2000
    >Content-Class: urn:content-classes:message
    >Importance: normal
    >Priority: normal
    >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    >Path: cpmsftngxa07.phx.gbl
    >Xref: cpmsftngxa07.phx.gbl

    microsoft.public.dotnet.framework.aspnet.security:8509
    >NNTP-Posting-Host: tk2msftcmty1.phx.gbl 10.40.1.180
    >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
    >
    >Hello,


    I have a web app with a login page. It all seems to work nicely. The
    default page redirects to the login, the login redirects to the
    default(menu) page which has a signout link. If I click the signout link,
    the cookie is removed.

    However, if I close the browser, the cookie persists (apparently) as
    when I restart the app, I am taken to the main menu page without logging on.

    The authentication ticket is generated as not persistent with a timeout
    of 30.

    I would like to put something in the Page_Unload handler to signout if
    the user has not already done so, but do not want to do it at anyother time
    (when transferring from the main menu to an App page.) but cannot figure a
    safe and reliable check.

    Suggestions?

    mklapp


    >
    Felix Wu [MSFT], Feb 4, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Signout does not signout.

    , Apr 4, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    467
  2. Alec S.
    Replies:
    10
    Views:
    10,113
    Alec S.
    Apr 16, 2005
  3. metaperl
    Replies:
    1
    Views:
    254
    Gabriel Genellina
    Dec 12, 2006
  4. Gerald Britton

    Style question for conditional execution

    Gerald Britton, Nov 24, 2010, in forum: Python
    Replies:
    4
    Views:
    228
    Asun Friere
    Nov 25, 2010
  5. petersson
    Replies:
    2
    Views:
    124
    J├╝rgen Exner
    Jul 22, 2004
Loading...

Share This Page