|
|||||||||
|
|||||||||
|
|||||||||
 |
|||||||||
| |
||
|
|
|
|
|||||||||
|
|||||||||
|
|||||||||
|
|||||||||
| |
||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
ASP Free Forums Sponsor:
|
|
|
|
#1
March 5th, 2004, 08:05 AM
|
|||
|
|||
Logout (without getting page using back button)
hi everybody
i would like to have a logout page which is very secure so that if the user clicks on the back button , he will not be able to view the previous page. i think i must use the session object for it. Anybody knows how to do it?
|
|
#2
March 5th, 2004, 10:07 AM
|
|||
|
|||
|
Hi - I forgot how I had implemented this with JSP - years back. I remember killing all the cookies from client m/c when they hit logout and if they tried refreshing their page - I displayed - the page you are trying to access has been destroyed (I dont remember what I did to create this functionality). I have never done this with .NET though.
|
|
#3
March 5th, 2004, 03:46 PM
|
|||
|
|||
|
hi......
yea u gotta use sessions. i just done that for my own coursework.....u'll find ur answer at the following link..... http://forums.aspfree.com/t23306/s....=Authentication you just put this piece of code after the user logs in...... session("userValid") = "Yes" and put this piece of code on EVERY page u want to make secure.... Sub Page_Load if Session("userValid") = "Yes" then Else Response.redirect("Login.aspx") End IF End Sub let me know if that worked for you.....
|
|
#4
March 7th, 2004, 02:04 AM
|
|||
|
|||
Quote:
thanks for your reply ps 124 but no it didn`t work;i tried it, i think is for ASP not ASP.Net . Shouldn`t we use something like "if session expires then ..."? what you told me doesnot prevent the previous page from appearing when i click on BACK after logging out. Any idea on how to do it in ASP.net?The link you gave me doesnot work , please give it again, i wanted to have a look at it. If anybody else knows, please tell me. Thanks Last edited by radha : March 7th, 2004 at 02:07 AM.
|
|
#5
March 7th, 2004, 09:52 PM
|
|||
|
|||
hi radha......
u indian by the way???? lol, same here.........but yea this code is for asp.net...... ive done it for my own coursework just a few days back and i can tell u for sure it works for me. look at the link again, it explains it better anyway.....but its for asp.net for sure. leme kno again ok........
|
|
#7
March 12th, 2004, 03:43 AM
|
|||
|
|||
Logout
hi ps124
i have tried the code again, but it has a problem . it works perfectly only when i enable trace, telling me that the page has expired when i click on back after logging in, but when trace is disabled, i can get the previos page when i click on back. I think it has something to do with caching. Do u have any idea on it? Does anybody else know how we can implement the apge so that after logging out it will not be available when we click on back? Thanks
|
|
#8
May 19th, 2004, 03:32 AM
|
||||
|
||||
|
To logout
Just use the code in 'logout.aspx' page_load event
Sesseion.Abandon() And mention the code in 'Web.config' file Authentication area <authentication mode="Forms"> <forms name="userId" loginUrl="/login.aspx" path="/"> </forms> </authentication> mention ur loginpage name in 'loginUrl' attribute. and check it and send ur feedback. Regards -Gopi
|
|
#9
May 19th, 2004, 06:25 AM
|
|||
|
|||
|
Im not sure but i think it is something to do with the caching of the pages.
Checking the session variable on the form_load of each page will only work if you refresh a page or open a new one. I think what your talking about is when you click back on the browser. The page that is displayed is got from the cahce. You will need to clear the cache when the user logs out. However, im not sure how to do it but a quick search on google should sort you out. let me know if you find a solution to this regards Dave
|
|
#10
May 19th, 2004, 07:30 AM
|
||||
|
||||
|
Clear the cache
To clear the cache.
use the code in Page_Load event. Response.Expires = -100 Response.CacheControl = "no-cache" Regards -Gopi
|
|
#11
May 21st, 2004, 10:22 AM
|
|||
|
|||
|
hi dave
Caching was exactly the problem. Here is the solution which works for me: Response.CacheControl="no-cache" Response.AddHeader("Pragma", "no-cache") Response.Expires=-1 this removes the page from te hcache so that the user can't get the previous page upon clicking on back. Session variables do not solve the problem.
|
|
#12
May 30th, 2004, 05:39 AM
|
|||
|
|||
|
logout
Quote:
hello gopi just wanted to ask you if you could explain what does this procedures do specially in making a logout page. i am a newbie in asp .net, and i am creating a logout page but it seems that if i click the back button it just reurns to the previous page and the user can continue on using the system. ill w8 4 ur response. thanks a lot regards, kabayan
|
|
#13
June 2nd, 2004, 11:53 AM
|
||||
|
||||
|
Do the following steps
Hi,
Two steps 1. For every page_Load event add the code Response.CacheControl="no-cache" Response.AddHeader("Pragma", "no-cache") Response.Expires=-1 Just use the code in 'logout.aspx' page_load event Sesseion.Abandon() And mention the code in 'Web.config' file Authentication area <authentication mode="Forms"> <forms name="userId" loginUrl="/login.aspx" path="/"> </forms> </authentication> mention ur loginpage name in 'loginUrl' attribute. and check it and send ur feedback. Regards -Gopi
|
|
| Viewing: ASP Free Forums > Programming > .NET Development > Logout (without getting page using back button) |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
