Forms Authentication Ticket isn't destroyed when logging out

E

Ethan Chan

I am using forms authentication on my web application which requires users
to log in to add content on their website.

Upon loggin out, i used the log out method in the Forms Authentication
Ticket. However when i have hijacked the cookie, i am still able to access
the protected pages.

Tel : [65] 6225 1308 Fax : [65] 6225 1931 www.active8.com.sg
 
G

Gabriel Lozano-Morán

And in the page load of your logout page you call the following lines?

Session.Abandon();
System.Web.Security.FormsAuthentication.SignOut();

Gabriel Lozano-Morán
Software Engineer
Sogeti
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Create Forms Authentication Ticket with Machine Keys 1
Create Forms Authentication Ticket with MachineKeys 9
Expire Forms Authentication Ticket on Server Side 1
Forms Authentication Ticket Reissue 1
Ticket disappears when browser is closed 3
forms authentication ticket expiration problem 2
ASP.NET application more than 200MB virtual memory 4
Forms Authentication Ticket Functionality With Windows Authentication 3

Members online

No members online now.
Total: 30 (members: 0, guests: 30)
Robots: 439

Forum statistics

Threads
473,769
Messages
2,569,578
Members
45,052
Latest member
LucyCarper

Latest Threads

Top