P
pbd22
Hi.
I am having a hard time figuring this one out...
I have a sign in page. in my sign in logic, the successful
login uses forms authentication and assigns an HttpCookie
for the site-wide "user id" (ie. "Welcome BillG ! ").
when the user clicks on "signout" from any given page,
an XMLHttp call queries a server script (VB.NET) which
1) signs out the user if he is authenticated and
2) expires the cookie (DateTime.Now.AddYears(-1) ) for "user id".
my problem is that when the request is returned to the
client, it seems to have no effect on the status of the cookie. It
still reads "user id = BillG" when i do javascript:document.cookie.
Is it possible that my server code:
Response.Cookies.Add(cookie)
got complicated with the AJAX call? How do I "immediately" destroy the
cookie so the user is both unauthenticated AND his
user id is removed.
I hope I have explained myself clearly. Thanks for your replies.
Peter
I am having a hard time figuring this one out...
I have a sign in page. in my sign in logic, the successful
login uses forms authentication and assigns an HttpCookie
for the site-wide "user id" (ie. "Welcome BillG ! ").
when the user clicks on "signout" from any given page,
an XMLHttp call queries a server script (VB.NET) which
1) signs out the user if he is authenticated and
2) expires the cookie (DateTime.Now.AddYears(-1) ) for "user id".
my problem is that when the request is returned to the
client, it seems to have no effect on the status of the cookie. It
still reads "user id = BillG" when i do javascript:document.cookie.
Is it possible that my server code:
Response.Cookies.Add(cookie)
got complicated with the AJAX call? How do I "immediately" destroy the
cookie so the user is both unauthenticated AND his
user id is removed.
I hope I have explained myself clearly. Thanks for your replies.
Peter