Endless loop on delete auth cookie/abandon session

Discussion in 'ASP .Net' started by =?Utf-8?B?QmlsbCBCb3Jn?=, Feb 2, 2005.

  1. Hello all,

    Not sure I can describe this adequately, but I am creating an endless loop
    when an authenticated user signs out.

    When the user signs out, I want to remove authentication, abandon session,
    and redirect to default page. I need to use a custom cookie (I track separate
    logins to multiple "companies"), so afaik can't use the standard
    formsauthenication routines to create/delete the default ticket/cookie.

    Here's the code to sign out:
    ...
    login.DeleteAuthCookieEmail()
    Session.Abandon()
    Response.Redirect(MyURL.Default)
    ...
    Public Shared Sub DeleteAuthCookieEmail()
    Dim cookie As HttpCookie = New HttpCookie(GetAuthCookieName)
    cookie.Expires = DateTime.MinValue
    HttpContext.Current.Response.Cookies.Add(cookie)
    End Sub

    Here's code to create the cookie:
    Public Shared Sub SetAuthCookieEmail(ByVal Email As String)
    Dim cookie As HttpCookie = New HttpCookie(GetAuthCookieName)
    cookie.Expires = DateTime.MinValue
    cookie.Value = Email
    HttpContext.Current.Response.Cookies.Add(cookie)
    End Sub

    (GetAuthCookieName just returns a company-specific string for the cookie
    name).

    When I delete my authentication cookie and then do the redirect, it
    continues to run that block of code over and over. If I don't do the
    redirect, it ends fine, which makes me guess that the removal of
    authentication is "stuck" somewhere.

    Anyway, I think I'm missing something fundamental with sessions, cookies,
    tickets, and forms authentication, but just don't see it. All thoughts are
    much appreciated.

    tia,

    Bill Borg
     
    =?Utf-8?B?QmlsbCBCb3Jn?=, Feb 2, 2005
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    4
    Views:
    12,336
    swati254
    Jan 19, 2009
  2. Alexandre
    Replies:
    4
    Views:
    562
    Lasse Reichstein Nielsen
    Apr 12, 2005
  3. Leo
    Replies:
    1
    Views:
    437
    Thomas Heller
    Jul 4, 2003
  4. Matt Braun

    Session-specific Auth Cookie

    Matt Braun, Feb 2, 2006, in forum: ASP .Net Security
    Replies:
    18
    Views:
    339
    Luke Zhang [MSFT]
    Feb 22, 2006
  5. Isaac Won
    Replies:
    9
    Views:
    390
    Ulrich Eckhardt
    Mar 4, 2013
Loading...

Share This Page