Last post Mar 11, 2015 03:51 PM by ThatsIT
Mar 11, 2015 02:51 PM|ThatsIT|LINK
I have 2 mvc websites using the same login database, one on occasion will not logout.
I have had a look with fiddler and at the difference between the successful and failed logoff requests.
The difference is the setcookie is not clearing the cookie,
Any help I need this working soon, thanks
Set-Cookie: .AspNet.ApplicationCookie=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Mar 11, 2015 03:09 PM|Rion Williams|LINK
What kind of logic or code are you using to handle the logging out process? Are you using just something like Forms Authentication? Simple Membership? Or the ASP.NET Identity model?
Mar 11, 2015 03:12 PM|ThatsIT|LINK
ASP.NET Identity model, thanks
Mar 11, 2015 03:24 PM|Rion Williams|LINK
You might be able to explicitly identify the authentication token to invalidate using something like :
And I'm assuming that you are also using the AuthenticationManager.SignIn() method to create the cookie and log the user in?
Mar 11, 2015 03:34 PM|ThatsIT|LINK
I tried it, it still wont log off
Mar 11, 2015 03:51 PM|ThatsIT|LINK
I removed "<ValidateAntiForgeryToken>" and it worked, I checked the loginpartial and it is setting a @Html.AntiForgeryToken(), so not sure why.
Maybe this was coincidence, I will have to wait and see as this only happens now and then, usually when leaving page open for a time.