Security :: How To Logout Another User (Membership)
Jan 26, 2011
In the site I am building we have standard users and superusers. A superuser can delete another user from the system and this should result in that user being logged out (if he/she is currently logged in). We use the Membership provider. Or actually the superuser doesnīt delete the other user completely but instead sets his/her as inActive by following code:
But, that should not matter... What I want to know is how to make the affected user being logged out. I donīt need a popup or anything to be shown to the other user that he/she is just logged out, it is enough to check if that user is logged in when he/she tries to move to another page on my site.
if a user wants to clear their personal information from a page after clicking on a button that they be re-directed to the ASP Login page. This code needs to be developed using Java Script because I want the user to confirm with a confirmation box that they intended to clear their info. I have found resources on MS that pointed to referencing the "System Web Extension" within the Web Config file shown below, which enables Java Script to be able to reference the Authentication Service classes. I am also calling the function show_confirm in the button onclick event to process the message box response.
I also need to redirect a user back to the Login page within this same show_confirm() function without pointing directly to the URL, but instead to the folder where the page is locateded like in VB Server Redirect if possible.
The error message I receive when I run this code is: Microsoft JScript runtime error: 'sys' is undefined.
i currently develop an asp.net mvc 2 web app using asp.net membership and role management for authenticating and authorizing my users. I get complaints though that when adding a role to some user, he is not able to see new role assigned functionality, unless he re-enters (logout and login again) the application.
i'm using ASP.NET membership for a silverlight application that makes use of Wcf Ria Services.
my problem is that i don't want multiple logins on the same account and i need to logout the user when he logs in on another machine. (I don't want the account to be used by many people at the same time, and the last who logs in must kick out everyone else)
I am createing user dynamially with the below code; string MyPassword = Membership.GeneratePassword(8,0).ToString(); Membership.CreateUser(TextBox7.Text, MyPassword, TextBox8.Text); but before I start creating, I would like to check if the user name is used before or not.
I have written custom code for login and logout...When use clicks on logout button the current session is closed and user is redirected to a login.aspx page...The problem is that when a user click a back button on internet explorer it the previous page he was navigating is shown to him...(altough he cant perform any operation as session is null and their is condition in page load that if session is null user should be redirected to login page)May i have to clear cache of client ??
I would like to create a sync process between an ADSI table and aspnet Membership using Membership.CreateUser. However, I need to see if a user exists before importing. I can import as long as a user does not exist however I am having trouble checking if users exist and only importing if they do not. Here is my code so far.
When creating a foreign key to the membership user table, is it better to refer to the user_id column or is it ok to use the username column? I assume that the Membership spec enforces uniqueness in the username since there is a method Membership.GetUser(username) that returns one user. Using the id is a bit awkward in code because I have to end up casting all over the place like (int)user.ProviderUserKey. The username would give more information quickly when viewing raw data as well. Just wondering if someone knows a reason why I shouldn't use it as the foreign key.