http://forums.asp.net/25.aspxAll about ASP.NET security (authentication, authorization, membership, roles, etc.) and the Login controls. <a href="http://aspadvice.com/SignUp/list.aspx?l=24&c=17" target="_blank">Email List</a>enCommunityServer 2007 SP1 (Build: 20510.895)http://forums.asp.net/thread/3275344.aspxSun, 05 Jul 2009 12:18:26 GMT4c671506-2930-414c-a40b-8bf57ded5924:3275344ClaCSClaCS0http://forums.asp.net/thread/3275344.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=25&PostID=3275344<p>Thanks. I&#39;ll try with that code</p>http://forums.asp.net/thread/3274400.aspxSat, 04 Jul 2009 07:30:50 GMT4c671506-2930-414c-a40b-8bf57ded5924:3274400akhhttarakhhttar0http://forums.asp.net/thread/3274400.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=25&PostID=3274400<p>Hi,</p><p>In master page you need to have following code to disable Back button fuctionality by disabling client side content caching,</p><p>Response.Buffer = True<br />Response.Cache.SetCacheability(HttpCacheability.NoCache)<br />Response.ExpiresAbsolute = DateTime.Now().AddDays(-1)<br />Response.Expires = -1500<br />Response.CacheControl = &quot;no-cache&quot;</p><p><br /></p><p>Thanks</p><p>Muhammad Akhtar Shiekh<br /></p>http://forums.asp.net/thread/3273861.aspxFri, 03 Jul 2009 17:11:50 GMT4c671506-2930-414c-a40b-8bf57ded5924:3273861ClaCSClaCS0http://forums.asp.net/thread/3273861.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=25&PostID=3273861<p>hi! <img src="http://forums.asp.net/tiny_mce/jscripts/tiny_mce/plugins/emotions/img/smiley-wink.gif" alt="Wink" title="Wink" border="0" /></p><p>I have a little project with forms authentication<br /><br />web.config<br />--------------<br />&lt;authentication mode=&quot;Forms&quot;&gt;<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;forms defaultUrl=&quot;~/Login.aspx&quot; loginUrl=&quot;~/Login.aspx&quot; /&gt;<br />&nbsp;&nbsp;&nbsp; &lt;/authentication&gt;<br /><br />I have 2 roles (&#39;admin&#39; and &#39;user&#39;) and, for the moment, 3 pages<br /><br />Login.aspx (with a login control)<br />admin/adminPage.aspx<br />user/userPage.aspx<br /><br /><br />admin web.config<br />----------------------<br />&nbsp;&lt;authorization&gt;<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;allow roles=&quot;admin&quot; /&gt;<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;deny users=&quot;*&quot; /&gt;<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/authorization&gt;<br /><br /><br />user web.config<br />---------------<br />&nbsp;&lt;authorization&gt;<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;allow roles=&quot;user&quot; /&gt;<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;deny users=&quot;*&quot; /&gt;<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/authorization&gt;<br /><br /><br />the adminPage.aspx and userPage.aspx have a masterpage<br /><br />The login process is correct, the &#39;admins&#39; enter to admin&#39;s pages and the &#39;users&#39; enter to user&#39;s page<br /><br />The masterpage has a button (ID=btnLogout) and a loginName control I try logout dynamically with this button but I can&#39;t<br /><br />I try with differents codes on the btnLogout_click<br /><br />FormsAuthentication.SignOut()<br />Context.User = Nothing<br />Session.Abandon()<br />Session.Clear()<br /><br />and FormsAuthentication.RedirectToLoginPage<br /><br />When I press the button the browser shows me the Login page :) but When I press the back button (on the browser)<br />it shows me the last visited page (admin/adminPage.aspx if the last user was an &#39;admin&#39; and user/userPage.aspx if the last user was an &#39;user&#39;)<br />It seems the logout process didn&#39;t close the session totally (or correctly)<br /><br />so... How Can I do logout dynamically?? ...I need do it without a LoginStatus <br /><br /><br />sorry for my english :)<br /><br /><br />Regards</p>