Forms Authentication Ticket isn't destroyed when logging out

Discussion in 'ASP .Net Security' started by Ethan Chan, Apr 25, 2005.

  1. Ethan Chan

    Ethan Chan Guest

    I am using forms authentication on my web application which requires users
    to log in to add content on their website.

    Upon loggin out, i used the log out method in the Forms Authentication
    Ticket. However when i have hijacked the cookie, i am still able to access
    the protected pages.

    Tel : [65] 6225 1308 Fax : [65] 6225 1931 www.active8.com.sg
     
    Ethan Chan, Apr 25, 2005
    #1
    1. Advertising

  2. And in the page load of your logout page you call the following lines?

    Session.Abandon();
    System.Web.Security.FormsAuthentication.SignOut();

    Gabriel Lozano-Morán
    Software Engineer
    Sogeti
     
    Gabriel Lozano-Morán, Apr 25, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. e
    Replies:
    1
    Views:
    3,585
    John Saunders
    Oct 24, 2003
  2. =?Utf-8?B?Y2h1Y2sgcnVkb2xwaA==?=

    Forms Authentication Ticket/Cookie values

    =?Utf-8?B?Y2h1Y2sgcnVkb2xwaA==?=, May 17, 2005, in forum: ASP .Net
    Replies:
    3
    Views:
    647
    Brock Allen
    May 19, 2005
  3. Mythran
    Replies:
    2
    Views:
    406
    Mythran
    Mar 8, 2007
  4. Lauchlan M
    Replies:
    0
    Views:
    226
    Lauchlan M
    Oct 1, 2003
  5. jfer
    Replies:
    3
    Views:
    560
    Dominick Baier [DevelopMentor]
    Sep 16, 2005
Loading...

Share This Page