Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Forms Authentication Ticket isn't destroyed when logging out

Reply
Thread Tools

Forms Authentication Ticket isn't destroyed when logging out

 
 
Ethan Chan
Guest
Posts: n/a
 
      04-25-2005

I am using forms authentication on my web application which requires users
to log in to add content on their website.

Upon loggin out, i used the log out method in the Forms Authentication
Ticket. However when i have hijacked the cookie, i am still able to access
the protected pages.

Tel : [65] 6225 1308 Fax : [65] 6225 1931 www.active8.com.sg


 
Reply With Quote
 
 
 
 
Gabriel Lozano-Morán
Guest
Posts: n/a
 
      04-25-2005
And in the page load of your logout page you call the following lines?

Session.Abandon();
System.Web.Security.FormsAuthentication.SignOut();

Gabriel Lozano-Morán
Software Engineer
Sogeti


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ASP.Net Forms Authentication - Storing Enrypted Ticket In HttpCookie Mythran ASP .Net 2 03-08-2007 04:50 PM
Forms Authentication Ticket Functionality With Windows Authentication jfer ASP .Net Security 3 09-16-2005 06:30 PM
Forms Authentication Ticket/Cookie values =?Utf-8?B?Y2h1Y2sgcnVkb2xwaA==?= ASP .Net 3 05-19-2005 12:16 AM
forms authentication ticket .userdata vanishing e ASP .Net 1 10-24-2003 06:14 PM
Authentication ticket, cookieless, forms authentication? Lauchlan M ASP .Net Security 0 10-01-2003 12:23 AM



Advertisments