2 Replies - 4665 Views - Last Post: 17 September 2012 - 01:44 AM Rate Topic: -----

#1 manishmishra.mishra58  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 1
  • Joined: 02-September 12

destroy the session data on logout click

Posted 03 September 2012 - 12:10 AM

I've created a complete login-logout asp.net app.In which I want to clear the session data on logout button click and whenever user click on back button it should not redirect to visited page.
I have used all the session methods like clear(),abandon(),removecontents(),etc.but it not works.
Please provide the complete solution on this.
reply soon asap.

regards
Manish MCTS.
Is This A Good Question/Topic? 0
  • +

Replies To: destroy the session data on logout click

#2 CasiOo  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 1423
  • View blog
  • Posts: 3,165
  • Joined: 05-April 11

Re: destroy the session data on logout click

Posted 03 September 2012 - 06:23 AM

calling abandon() should start a new session

Once the Abandon method is called, the current session is no longer valid and a new session can be started


You can't really stop the browser from keeping history of visited pages
Was This Post Helpful? 0
  • +
  • -

#3 November-06  Icon User is offline

  • D.I.C Regular

Reputation: 46
  • View blog
  • Posts: 407
  • Joined: 04-January 11

Re: destroy the session data on logout click

Posted 17 September 2012 - 01:44 AM

We did have a problem like that before.

Even when you abandon and clear sessions, the session will return if the user clicks the back button.

So what we did was create a page (for example logout.aspx)

In the Page_Init, we added the following codes:

        Session.Abandon()
        Session.RemoveAll()
        Dim logoutpage As String = "Logout.aspx"
        Response.Write("<script language=javascript>")

        Response.Write("{")
        Response.Write(" var Backlen=history.length;")

        Response.Write(" history.go(-Backlen);")
        Response.Write(" window.location.href='" + logoutpage + "'; ")

        Response.Write("}")
        Response.Write("</script>")

        Response.Redirect("Login.aspx")



So, for you logout button, all you need to do is redirect to your logout.aspx.

The logout.aspx will be responsible for clearing and abandoning sessions. The code that I gave should handle the behavior of the back button.

But if you notice, it is javascript that handles the Back button so if I'm not mistaken this will only work if javascript is turned on.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1