logout issue

Discussion in 'ASP .Net' started by Guest, Jan 12, 2005.

  1. Guest

    Guest Guest

    Dear Helper,
    I have done an asp.net web application using vb.net with a login page for
    authentication.
    I am using forms auth, with an sql database.
    After I call FormsAuthentication.SignOut(), form, say default.aspx which
    requires authentication (aftel logging in of course), the browser redirects
    me to the Login page.
    The problem is, that if i copy the URL after logging in, and then I Log Out,
    and then I paste it in to the address bar, the browser redirects me to the
    same default.aspx page, without prompting for the password. The UserName and
    Password are not transmitted through the query string, authentication is done
    by the book.(at least i think so)
    I think this would mean a security breach.
    What can I do?
    Thank You,
    Mihai Tatarca
     
    Guest, Jan 12, 2005
    #1
    1. Advertisements

  2. What happens if you copy the URL, close the browser, restart the browser and
    try loading the page?
     
    Philip Q [MVP], Jan 12, 2005
    #2
    1. Advertisements

  3. Guest

    Guest Guest

    okay, that redirects me back to the login page
    but what if the user forgets to close the browser?
    can i do anything about it?


     
    Guest, Jan 12, 2005
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.