Last post May 31, 2010 01:39 PM by tlocke
May 28, 2010 06:32 PM|tlocke|LINK
Hi all! I've sat and read many similar issues on this site, but none exactly as I need. I'm using Visual Studio 2008, ASP.NET 3.5 framework. I'm using Forms Authentication, and have opted to use the Membership and Role providers which are working
like a charm. My issue:
I have: a LoginStatus control in my master file that simply indicates if the user is logged in or not, as it should. I also have a custom logout.aspx file created so that when the user does logout, they get a pretty "good-bye" statement, and not automatically
redirected back to the login page.
I want to do 1 of these 2 options (neither is working for me right now)
1st choice: upon logout, have the user simply see the logout.aspx file. Right now they are automatically redirected to the login page, which I'm guessing is due to the setting in my web.config file? Upon clicking "logout" this is the url I get: http://localhost:port/login.aspx?ReturnUrl=%2fPROJ%2flogout.aspx
As soon as I re-enter my credentials, yep... I'm redirected to the logout page. Not good.
2nd choice: go ahead and redirect me to the login.aspx page, but have a label in there that checks if the user has been recirected from logout.aspx, and give them a "prettier" farewell message.
Any help is greatly appreciated.
May 29, 2010 03:03 PM|hajan|LINK
The 2nd choice:
You can add additional query string parameter on FormsAuthentication.RedirectToLoginPage("");
On your Logout button click, you will have:
Then, in your Login.aspx page, you can have in Page_Load something liket his:
if (Request.QueryString["action"] == "logout")
infoLabel.Text = "You have been logged out! Thank you";
Using the QueryString, you can control if the user have clicked the Logout button to Log out :).
May 29, 2010 03:53 PM|SSA|LINK
I would say stick to standards that will keep application maintainable (until and unless its not feasible to do so)
You said you are using login status control in master page, then set LoginStatus control's property logout action to
RedirectToLoginPage, login status control will automatically log user out clearing login status and cookies if used on client machine.
This is straightforward and standard, if you want something custom then Hajan given you an option.
Now only thing you miss is no "Good-Bye" message and for that you already have a solution as choice/option 1,
again there is another logout action "redirect", there you can redirect to a logout page as you want give a message and give option to login again i.e. your option number 1,
Only thing you need to do is your logout page should be allowed to anonymous access. Thats the reason why your option 1. didn't work, it goes to login page with logout page in return url.
May 31, 2010 01:39 PM|tlocke|LINK
Thanks to both of you for your help. I opted to include the authorization to my web.config file and that was it.