Session logout problem
-
Hi, I m working on an asp.net c# website. I have used session to maintain user login. Now the problem is when user clicks logout I have removed the session variables value and redirected user to a default page. Now when the user clicks back button of the browser he is again inside that website which is supposed to be used after login. Is there any solution for this ? Regards
Vijay V. Yash Softech
-
Hi, I m working on an asp.net c# website. I have used session to maintain user login. Now the problem is when user clicks logout I have removed the session variables value and redirected user to a default page. Now when the user clicks back button of the browser he is again inside that website which is supposed to be used after login. Is there any solution for this ? Regards
Vijay V. Yash Softech
-
already tried.not working.
Vijay V. Yash Softech
-
already tried.not working.
Vijay V. Yash Softech
I m testing this in Mozilla firefox. In IE it works. session.remove() etc. Regards
Vijay V. Yash Softech
-
already tried.not working.
Vijay V. Yash Softech
Sumit has given the correct solution. you have to use Session.Abondan(). it will remove all session and set them to null. if this is your logout code
public void logout() { Session.Abondan(); Response.Redirect("Login.aspx"); }Now it will redirect to Login page. now if user click on Back Button of browser , it will again back to your last page, so you have to check the session on page load checkif(Session["UserName"] == null ) { response.redirect("Login.aspx"); } else { // User with valid session }so this will again redirect to your login page even if user click on back button.cheers, Abhijit
-
Sumit has given the correct solution. you have to use Session.Abondan(). it will remove all session and set them to null. if this is your logout code
public void logout() { Session.Abondan(); Response.Redirect("Login.aspx"); }Now it will redirect to Login page. now if user click on Back Button of browser , it will again back to your last page, so you have to check the session on page load checkif(Session["UserName"] == null ) { response.redirect("Login.aspx"); } else { // User with valid session }so this will again redirect to your login page even if user click on back button.cheers, Abhijit
I have done this. I have checked session at page load for empty or null. this has something to do with browser. Mozilla maitains session in cache or something coz when I try to use any feature after pressing back button I m again out. Any suggestion? Regards
Vijay V. Yash Softech
-
Hi, I m working on an asp.net c# website. I have used session to maintain user login. Now the problem is when user clicks logout I have removed the session variables value and redirected user to a default page. Now when the user clicks back button of the browser he is again inside that website which is supposed to be used after login. Is there any solution for this ? Regards
Vijay V. Yash Softech
-
It will work but I dont think its a good practice. Regards
Vijay V. Yash Softech
-
Brij, I think it will not be a parmanent soluation . Any idea to resolve ?
cheers, Abhijit
-
Brij, I think it will not be a parmanent soluation . Any idea to resolve ?
cheers, Abhijit
Trying to find out. Regards
Vijay V. Yash Softech
-
Trying to find out. Regards
Vijay V. Yash Softech
you can use window.history.forward(1); to disallow the back button to be clicked ... whenever session expires.. Just after redirect, place this script to the login.aspx.
Abhishek Sur
-
you can use window.history.forward(1); to disallow the back button to be clicked ... whenever session expires.. Just after redirect, place this script to the login.aspx.
Abhishek Sur
Will it be solve the actual purpose , (remove cache from browser ) ?
cheers, Abhijit
-
Sumit has given the correct solution. you have to use Session.Abondan(). it will remove all session and set them to null. if this is your logout code
public void logout() { Session.Abondan(); Response.Redirect("Login.aspx"); }Now it will redirect to Login page. now if user click on Back Button of browser , it will again back to your last page, so you have to check the session on page load checkif(Session["UserName"] == null ) { response.redirect("Login.aspx"); } else { // User with valid session }so this will again redirect to your login page even if user click on back button.cheers, Abhijit
Abhijit Jana wrote:
so this will again redirect to your login page even if user click on back button.
NO. When you press back button, no request is made by the browser for the page.It just loads from the cache. So page_load code won't get execute.
Navaneeth How to use google | Ask smart questions
-
Brij, I think it will not be a parmanent soluation . Any idea to resolve ?
cheers, Abhijit
There is no permanent solution available.
Navaneeth How to use google | Ask smart questions
-
Hi, I m working on an asp.net c# website. I have used session to maintain user login. Now the problem is when user clicks logout I have removed the session variables value and redirected user to a default page. Now when the user clicks back button of the browser he is again inside that website which is supposed to be used after login. Is there any solution for this ? Regards
Vijay V. Yash Softech
VijayVishwakarma wrote:
Is there any solution for this ?
No reliable solutions are available. When you press back button, browser loads the previous page from it's cache. It won't request for that page again. Some JS can forward the page when back button is pressed, but again it is not reliable as JS can be turned off. If you are very much concerned about users viewing the page, I suggest to use popup window for displaying all your secure pages. Once user logs out, close that popup. Also ensure that your webpages are not accessible when user has turned off JS.
Navaneeth How to use google | Ask smart questions
-
you can use window.history.forward(1); to disallow the back button to be clicked ... whenever session expires.. Just after redirect, place this script to the login.aspx.
Abhishek Sur
This isnt the best solution. The problem is that you shouldnt be trying to disable areas of the browser because no matter what, if a user wants to and knows how they will be able to use every feature of the browser they wish to. You should be building a better web app so it doesnt matter if the user hits the back button in the browser.
Deliver yesterday, code today, think tomorrow. "http://www.heuse.com/cphumor.htm"
-
Hi, I m working on an asp.net c# website. I have used session to maintain user login. Now the problem is when user clicks logout I have removed the session variables value and redirected user to a default page. Now when the user clicks back button of the browser he is again inside that website which is supposed to be used after login. Is there any solution for this ? Regards
Vijay V. Yash Softech
Check this article out: BackButton
Deliver yesterday, code today, think tomorrow. "http://www.heuse.com/cphumor.htm"
-
Hi, I m working on an asp.net c# website. I have used session to maintain user login. Now the problem is when user clicks logout I have removed the session variables value and redirected user to a default page. Now when the user clicks back button of the browser he is again inside that website which is supposed to be used after login. Is there any solution for this ? Regards
Vijay V. Yash Softech
There are many alternatives to it not the exact solution 1. When User clicks log out button close the browser after resetting the session. 2. After logged out also when user clicks back browser button then you could see the last page visited when user was logged in But this page comes from Cache no server side request has sent So no worry if you are checking user credentials in every page he won't be able to do any thing I think just remove Cache ok even if he refresh the Page then he should redirect to default log in Page Hope i am able to explain it
Thanks and Regards Sandeep If If you look at what you do not have in life, you don't have anything, If you look at what you have in life, you have everything... " Check My Blog
-
This isnt the best solution. The problem is that you shouldnt be trying to disable areas of the browser because no matter what, if a user wants to and knows how they will be able to use every feature of the browser they wish to. You should be building a better web app so it doesnt matter if the user hits the back button in the browser.
Deliver yesterday, code today, think tomorrow. "http://www.heuse.com/cphumor.htm"
Can this be managed using cookies? Coz the sites like gmail uses cookies to handle login and once you logout they wont allow you to login again. Am I thinking right? Any suggestion? Regards
Vijay V. Yash Softech
-
Hi, I m working on an asp.net c# website. I have used session to maintain user login. Now the problem is when user clicks logout I have removed the session variables value and redirected user to a default page. Now when the user clicks back button of the browser he is again inside that website which is supposed to be used after login. Is there any solution for this ? Regards
Vijay V. Yash Softech
Put this in your Page Load event : Response.Expires = 0; Response.ExpiresAbsolute = DateTime.Now;