Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Conditional execution of Signout

Reply
Thread Tools

Conditional execution of Signout

 
 
mklapp
Guest
Posts: n/a
 
      02-03-2004
Hello,

I have a web app with a login page. It all seems to work nicely. The default page redirects to the login, the login redirects to the default(menu) page which has a signout link. If I click the signout link, the cookie is removed.

However, if I close the browser, the cookie persists (apparently) as when I restart the app, I am taken to the main menu page without logging on.

The authentication ticket is generated as not persistent with a timeout of 30.

I would like to put something in the Page_Unload handler to signout if the user has not already done so, but do not want to do it at anyother time (when transferring from the main menu to an App page.) but cannot figure a safe and reliable check.

Suggestions?

mklapp


 
Reply With Quote
 
 
 
 
MSFT
Guest
Posts: n/a
 
      02-04-2004
Hello,

Thank you for using the community. As I understand, your ASP.NET
application use Form Authentication and non-persisted cookie. You want to
SignOut the user once they close the IE window. Is this correct?

Normmally, we can pust the Formsauthentication.SignOut method in
SessionTimeOut, and use TimeOut setting of session to determine if the user
exits the application.

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 
Reply With Quote
 
 
 
 
Felix Wu [MSFT]
Guest
Posts: n/a
 
      02-04-2004
Hi Mklapp,

Have you tried to set the cookie's Expires to DateTime.MinValue? This can
make it a session cookie. It will expires after you close the browser.

Regards,

Felix Wu
=============
This posting is provided "AS IS" with no warranties, and confers no rights.


--------------------
>Thread-Topic: Conditional execution of Signout
>thread-index: AcPqcnC/Yk88qekDTceDE0Gq1DjSxQ==
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>From: =?Utf-8?B?bWtsYXBw?= <(E-Mail Removed)>
>Subject: Conditional execution of Signout
>Date: Tue, 3 Feb 2004 08:26:13 -0800
>Lines: 15
>Message-ID: <(E-Mail Removed)>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>Path: cpmsftngxa07.phx.gbl
>Xref: cpmsftngxa07.phx.gbl

microsoft.public.dotnet.framework.aspnet.security: 8509
>NNTP-Posting-Host: tk2msftcmty1.phx.gbl 10.40.1.180
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
>Hello,


I have a web app with a login page. It all seems to work nicely. The
default page redirects to the login, the login redirects to the
default(menu) page which has a signout link. If I click the signout link,
the cookie is removed.

However, if I close the browser, the cookie persists (apparently) as
when I restart the app, I am taken to the main menu page without logging on.

The authentication ticket is generated as not persistent with a timeout
of 30.

I would like to put something in the Page_Unload handler to signout if
the user has not already done so, but do not want to do it at anyother time
(when transferring from the main menu to an App page.) but cannot figure a
safe and reliable check.

Suggestions?

mklapp


>


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Style question for conditional execution Gerald Britton Python 4 11-25-2010 12:45 AM
Encapsulating conditional execution based on list membership - how do you do it? metaperl Python 1 12-12-2006 12:37 AM
Signout does not signout. craigkenisston@hotmail.com ASP .Net 2 04-05-2006 03:48 AM
? ELSE Conditional Comment / Using Conditional Comments Inside Other Tags To Comment Out Attributes Alec S. HTML 10 04-16-2005 02:21 AM
Off topic? Or limited conditional execution... petersson Perl Misc 2 07-22-2004 12:54 PM



Advertisments