S
Steffen Loringer
Hi
I'm using Session.Abandon() to end a user session when clicking the
Logout button of the application. But if the user request the page
directly via URL in IE the server starts processing the page again.
The sessionIDs are the same in both cases.
I expected the sessionID not to be valid anymore.Should one end the user
session in another way? If a user is logged out he should be redirected
to the login page if he requests pages directly.
Thanks for help
Steffen
I'm using Session.Abandon() to end a user session when clicking the
Logout button of the application. But if the user request the page
directly via URL in IE the server starts processing the page again.
The sessionIDs are the same in both cases.
I expected the sessionID not to be valid anymore.Should one end the user
session in another way? If a user is logged out he should be redirected
to the login page if he requests pages directly.
Thanks for help
Steffen