but when the user click the back button they can access the web page without log in...
when u visit the page then it is stored in cache of browser.... when u click logout and abandon session then, actually user has been logged out
however, u click on back button and browser first tries to find if the back page is available in cache... if yes, display it from cache and not send request to server... since, session was cleared on server browser did not identify that user is no more logged
in....
but, in this case, if user tries to click on some button on the page then he will be thrown onto the login page bacause this time request will be sent to server and it will be determined that user session is not more valid....
still, if u dont want to let user simply view the back page after logging out... then, u need to instruct browser not to cache the pages which are accessed after login...
but if the user log in into the webpage then they copy the url, then
the user open the new tab in same web browse, so they user can browse as usual
This is how browsers are designed.... all tabs of single browser window share the session...
This is infact functionaly correct. Users may want to open multiple links of u r site in two different tabs and perform two different operations simultaneously... stopping users from doing it is not right design
you may want to block user from loging with two different usernames in same browser window... that can be done using some session tweak...
on load of login page, you can check if Session["UserName"] key is already present... if yes, user is already logged in either same or other tab of windo, then u can hide the login button and request user to logoof from other instance of tab.
hope this helps...
Cheers!
KK
Please mark as Answer if post helps in resolving your issue
My Site
Marked as answer by afastars on Dec 24, 2012 10:19 PM
afastars
Member
52 Points
221 Posts
Session Not Work If User Click Back Button
Dec 24, 2012 04:08 AM|LINK
hi all expertise
i already create a session what happen is that, when the user click the log out button it will redirect into log in page,(that was the corrent way)
but when the user click the back button they can access the web page without log in...
how to resolve this problem, i already use session.abandon() but this problem still occurs
kedarrkulkar...
All-Star
34545 Points
5554 Posts
Re: Session Not Work If User Click Back Button
Dec 24, 2012 04:28 AM|LINK
when u visit the page then it is stored in cache of browser.... when u click logout and abandon session then, actually user has been logged out
however, u click on back button and browser first tries to find if the back page is available in cache... if yes, display it from cache and not send request to server... since, session was cleared on server browser did not identify that user is no more logged in....
but, in this case, if user tries to click on some button on the page then he will be thrown onto the login page bacause this time request will be sent to server and it will be determined that user session is not more valid....
still, if u dont want to let user simply view the back page after logging out... then, u need to instruct browser not to cache the pages which are accessed after login...
check these
http://www.dotnetfunda.com/codes/code1651-prevent-back-button-after-logout-in-aspnet.aspx
http://geekswithblogs.net/Frez/archive/2010/05/18/back-button-issue-after-logout-in-asp.net.aspx
hope this helps...
KK
Please mark as Answer if post helps in resolving your issue
My Site
afastars
Member
52 Points
221 Posts
Re: Session Not Work If User Click Back Button
Dec 24, 2012 05:25 AM|LINK
hi kedarrkulkarni
i got it....it work in my site thanks a lot's
....but if the user log in into the webpage then they copy the
url, then
the user open the new tab in same web browse, so they user can browse as usual
so how to prevent this....i want to restrict the user to open the web page if they copy the url and open the new tab in same web browser
kedarrkulkar...
All-Star
34545 Points
5554 Posts
Re: Session Not Work If User Click Back Button
Dec 24, 2012 06:00 AM|LINK
This is how browsers are designed.... all tabs of single browser window share the session...
This is infact functionaly correct. Users may want to open multiple links of u r site in two different tabs and perform two different operations simultaneously... stopping users from doing it is not right design
you may want to block user from loging with two different usernames in same browser window... that can be done using some session tweak...
on load of login page, you can check if Session["UserName"] key is already present... if yes, user is already logged in either same or other tab of windo, then u can hide the login button and request user to logoof from other instance of tab.
hope this helps...
KK
Please mark as Answer if post helps in resolving your issue
My Site
afastars
Member
52 Points
221 Posts
Re: Session Not Work If User Click Back Button
Dec 24, 2012 06:58 AM|LINK
hi kedarrkulkarni
thanks for reply...i got it