Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Nov 16, 2012 05:07 PM by Ruchira
Nov 13, 2012 12:13 PM|LINK
I'm trying to logout a user and managed to do so in different ways:
On one machine, all of these methods will successfully log out the user. On another machine none of these methods work.
I am sure that above code runs in both cases, but in the second case the httpcontext.current.user remains as the first logged in user.
I have not found any differences between the two servers when searching the IIS 7.5 manager. Are there any other settings that would prohibit the cookies or session variables from being cleared?
Nov 13, 2012 01:14 PM|LINK
Had the same issue for a while untill I discovered my problem.
While building a second website for another I copied pretty much most settings from the web.config file, inluding authenticationsettings (cookiename) and machinekeysettings (validationkey and decryptionkey). On both webites I was registred as a user with
the samen login and pw.
Even when I signed of on one site, I remained loggedon because the cookies for both websites were identical!
Changing the machinekeysettings in de web.config solved my problem.
Nov 13, 2012 01:49 PM|LINK
In the IIS manager i've set it to automatically generate unique keys at runtime so I dont think this is my problem
Nov 13, 2012 04:34 PM|LINK
In that case I'm out of idea's.
Nov 15, 2012 07:03 AM|LINK
In order to resolve your issue, please try to do as follows:
1. Check whether the configuration of IIS is same.
2. Check whether the cookies are
disabled in another server.
Nov 16, 2012 05:07 PM|LINK
Try this for logout
HttpCookie cookie1 = new HttpCookie(FormsAuthentication.FormsCookieName, "");
cookie1.Expires = DateTime.Now.AddYears(-1);
HttpCookie cookie2 = new HttpCookie("ASP.NET_SessionId", "");
cookie2.Expires = DateTime.Now.AddYears(-1);
Please 'Mark as Answer' if this post helps you.