Reputation:
How to properly sign out user
I have a made a ASP.NET membership provider, it works well but I notice that if the user changes passwords signs out and then tries to sign in again it fails, this also happends if the user has two or more accounts and signs out with one and tries to sign in with the other. If the user clears cookies in the browser he/she can sign in again, so it seems that when the user signs out the cookies are not deleted for some reason. Here is my sign out code:
void ClearAuthenticationCookie()
{
var cookie1 = new HttpCookie(FormsAuthentication.FormsCookieName, String.Empty) { Expires = DateTime.Now.AddYears(-1) };
Response.Cookies.Add(cookie1);
}
protected void Page_Load(object sender, EventArgs e)
{
FormsAuthentication.SignOut();
ClearAuthenticationCookie();
FormsAuthentication.RedirectToLoginPage();
}
Upvotes: 1
Views: 209
Answers (2)
Reputation:
I figured it out now and it was really silly; the FormsAuthentication.RedirectToLoginPage() from the sign out page puts /Login.aspx?ReturnUrl=%2fAccount%2fLogout.aspx in the URL, so if you try to sign in it redirects back to the sign out page again. I should have seen this earlier, sorry for wasting your time :(
Upvotes: 1
Reputation: 16134
try adding this on page load of your signout page:
Session.Clear();
Upvotes: 0
Related Questions
- how to logout the user from my asp.net application?
- forcefully log out a specific user among all online users
- ASP.Net Identity sign-out all sessions
- ASP.NET LoginStatus: logout not working
- How to log out a user when a session times out or ends
- Logout member on browser close
- ASP.Net logout code block
- How to log off multiple MembershipUsers that are not the current user?
- Asp.net membership logout automatically
- how to LogOut in ASP membership