-1

I have a problem with,sqlmmebership sign out.My project consist of one main page,and other pages is loaded via ajax inside of this main page.I put a sign out button main page but when I click on it ,it happen nothing and after click ones again direct me to login page.however when I click the back button on the browser,It turn me back to the main page ,It is normally dosent happen,am I wrong here is the my sign out function,

protected void Cikis_Click(object sender,DirectEventArgs e) 
  {
        FormsAuthentication.SignOut();
        Roles.DeleteCookie();
        Session.Clear();
        Session.Abandon();
        FormsAuthentication.RedirectToLoginPage();

  }

and here is the my config file,

 <roleManager enabled="true" />
      <authentication mode="Forms">
        <forms loginUrl="~/Default.aspx" />
      </authentication>
    <membership defaultProvider="MySqlMembershipProvider">
        <providers>
          <clear/>
          <!--Add a customized SqlMembershipProvider -->
          <add name="MySqlMembershipProvider"
          type="System.Web.Security.SqlMembershipProvider"
          connectionStringName="AProjeConnectionString"
          enablePasswordRetrieval="false"
          enablePasswordReset="true"
          requiresQuestionAndAnswer="false"

          requiresUniqueEmail="false"
          passwordFormat="Hashed"
          maxInvalidPasswordAttempts="15"
          minRequiredPasswordLength="5"
          minRequiredNonalphanumericCharacters="0"
          passwordAttemptWindow="10"
          passwordStrengthRegularExpression=""/>
        </providers>
      </membership>

I have a directory called Admin,and protected ,only allow users who has admin role.

sakir
  • 3,391
  • 8
  • 34
  • 50

1 Answers1

1

This is an issue with your browser cacheing the previous page. When you click the back button it is just displaying what it has already loaded, and not reloading from the server.

In most cases this is not a huge problem because as soon as they try to do something, they will get redirected to the login prompt. However, if this is absolutely a problem (for instance, the page may contain sensitive information), then you will need to clear the runtime cache.

Response.Cache.SetExpires(DateTime.UtcNow.AddMinutes(-1));  
Response.Cache.SetCacheability(HttpCacheability.NoCache);  
Response.Cache.SetNoStore();  
Session.Abandon();
FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();
Erik Funkenbusch
  • 92,674
  • 28
  • 195
  • 291