Last post Apr 14, 2012 07:45 AM by PGChoudhury
Apr 13, 2012 10:38 AM|PGChoudhury|LINK
I am talking about a simple application where the user logs in using username and password retrieved from the database and if authenticated gets redirected to a Welcome page which has a 'logout' linkbutton. When user is authenticated I am loading a session
variable to save the username. On the click even of the logout linkbutton I am abandoning and clearing all sessions so that the varibale becomes null.
Still when I click the back button of the browser after logout the Welcome page gets loaded even though I have used code to check the state of the session. Why is this happening? What is the correct way to do this in order for the application to behave ideally
once the user has logged out.
This is the code I am using to check state of session:
protected void Page_Load(object sender, EventArgs e)
if (Session["user"] == null)
and this is the code snippet I am using to clear the session on logout.
protected void lnkLogout_Click(object sender, EventArgs e)
It is to be noted that I have incorporated the linkbutton for logout in a user control alongside some other controls.
Apr 13, 2012 10:39 AM|PGChoudhury|LINK
Hope I have been able to convey my situation. Look forward to receiving some technical help on the matter.
Apr 13, 2012 11:13 AM|hans_v|LINK
Still when I click the back button of the browser
When you click the back button, no new request is made, but the page is retrieved form your browsers cache.
Apr 14, 2012 04:44 AM|PGChoudhury|LINK
Thank for clearing the misconception. I tested the application by closing the browser and then reopening it and pasting the url of the welcome page. It is getting redirected to the login page as desired. Working fine now. Thanks anyways.
Apr 14, 2012 07:04 AM|thirumalesh|LINK
That's right but the cached version of that pageavailable
so you can delete the cache of that page(after login page)
using HttpRuntime.RemoveOutputCache("name of aspx page")
this is the nice way of doing the forms auhtendication&Authorization
Apr 14, 2012 07:45 AM|PGChoudhury|LINK
Thanks for the bit of advice. I will try to incorporate the block of code in my application for authentication.