Hi all
I'm newbie to asp.net and building simple pages using vb.net.
I have got three pages default.aspx (which is login page), index.aspx and lo
gout.aspx.
In logout.aspx i have put following code...
Session.Clear()
Session.RemoveAll()
Session.Abandon()
Response.Redirect("default.aspx")
In Index.aspx I have following code in page load event..
If Session("login") = "" Then 'this session variable is created from default
.aspx on successful login which store user login name
Response.Redirect("default.aspx")
End If
But somehow after hitting logout link from index.aspx it still keeps session
("login") value though it redirect to default.aspx..
After tht if i try to execute page directly index.aspx (on same browser wind
ow), the page index.aspx is displayed..(which is basically should not be dis
played.) ...When I hit refresh it redirects to default.aspx but url remains
the same with index.aspx
Below is web.config snippet...
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
Anyone has any clue why its happening like this'
Any help would be appreciated..
Thanx in advance
daveA couple comments. First off, you might save yourself a handful of lines of
code as well as this problem if you used the built-in FormsAuthentication:
http://www.15seconds.com/issue/020220.htm
http://www.15seconds.com/issue/020305.htm
I suspect they are getting to index.aspx because the page is cached...hence
when they force a refresh they are being logged out. You might want to look
at :
http://www.15seconds.com/issue/010202.htm
which will tell you how to make sure the browser doesn't cache the page.
As for why ur session doesn't clear, you might wanna try Response.Redirect("
default.aspx", false) If that works check out :
http://weblogs.asp.net/bleroy/archi.../03/207486.aspx for why...not
sure if that applies to clearing session though, don't think so.
Karl
--
MY ASP.Net tutorials
http://www.openmymind.net/ - New and Improved (yes, the popup is annoying)
http://www.openmymind.net/faq.aspx - unofficial newsgroup FAQ (more to come!
)
"dave" <nojunk@.nojunk.com> wrote in message news:ONMZBDbvFHA.2072@.TK2MSFTNGP
14.phx.gbl...
Hi all
I'm newbie to asp.net and building simple pages using vb.net.
I have got three pages default.aspx (which is login page), index.aspx and lo
gout.aspx.
In logout.aspx i have put following code...
Session.Clear()
Session.RemoveAll()
Session.Abandon()
Response.Redirect("default.aspx")
In Index.aspx I have following code in page load event..
If Session("login") = "" Then 'this session variable is created from default
.aspx on successful login which store user login name
Response.Redirect("default.aspx")
End If
But somehow after hitting logout link from index.aspx it still keeps session
("login") value though it redirect to default.aspx..
After tht if i try to execute page directly index.aspx (on same browser wind
ow), the page index.aspx is displayed..(which is basically should not be dis
played.) ...When I hit refresh it redirects to default.aspx but url remains
the same with index.aspx
Below is web.config snippet...
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
Anyone has any clue why its happening like this'
Any help would be appreciated..
Thanx in advance
dave
"dave" <nojunk@.nojunk.com> wrote in message news:ONMZBDbvFHA.2072@.TK2MSFTNGP
14.phx.gbl...
Hi all
I'm newbie to asp.net and building simple pages using vb.net.
I have got three pages default.aspx (which is login page), index.aspx and lo
gout.aspx.
In logout.aspx i have put following code...
Session.Clear()
Session.RemoveAll()
Session.Abandon()
Response.Redirect("default.aspx")
In Index.aspx I have following code in page load event..
If Session("login") = "" Then 'this session variable is created from default
.aspx on successful login which store user login name
Response.Redirect("default.aspx")
End If
In C# I would not check for an empty string, but for null. In VB you might n
eed to
check for "Nothing".
You don't store "strings" in Session, you store "objects". A string is a per
fectly
valid object, so you can store it without problems. But if the Session varia
ble
has been removed, it's *removed* (not there, nothing), not an empty string.
But somehow after hitting logout link from index.aspx it still keeps session
("login") value though it redirect to default.aspx..
After tht if i try to execute page directly index.aspx (on same browser wind
ow), the page index.aspx is displayed..(which is basically should not be dis
played.) ...When I hit refresh it redirects to default.aspx but url remains
the same with index.aspx
If you use Redirect, you instruct the browser to go to a different URL, so t
hat other
URL should be displayed (If you had used Transfer, this would not be the cas
e, as that
works entirely server-side). So you are not "redirected" to default.aspx, bu
t something else
happened.
Hans Kesting
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment