Security :: IE8 Session, Logging Out From One Tab Causes Both Tabs To Logout, But Can't Log Back In?
Nov 10, 2010
I have a website built in ASP.net 3.5, using WinForms and AjaxToolKit. I have encountered a lost/corrupt session issue while using Internet Explorer 8.
Scenerio:
1 IE8 Browser Open, 1 Tab
--------------------------------------
1. Login, Redirect to Landing, Logout - WORKS AS EXPECTED
2. Login, redirect to Landing, Close Window, Open Window, Logged-in already - WORKS AS EXPECTED (remember me enabled by default in code)
1 IE8 Browser, 2 Tabs
--------------------------------------
1. Login, Redirect to Landing, Open new tab, paste Landing page URL, Landing renders. - WORKS AS EXPECTED
- Logout from Tab 2, Tab 1 logs out after AJAX update. - WORKS AS EXPECTED
- Login from Tab 1, Redirects to Landing, then Redirects back to Login page - ISSUE
[code]...
2. Close Window,Login,Redirect to Landing - WORKS AS EXPECTED
2 IE8 Browser, 1 Tab
--------------------------------------
1. Open 2 IE windows
2. In Window 1, Login, Redirect to Landing, then Redirects back to Login. - ISSUE
- Window 2 Paste Landing page URL, Landing page renders - ISSUE, STRANGLY NOW WORKS
[code]...
This issue seems to only happen when I have multiple tabs open,or multiple rwssers open.Firefox and Chrome does not reproduce this issue and works as expected.How do I make sure the Cookie/Session is being handle correctly in IE8?
Here is my Login Auth:
[Code]...
Web.Config
[Code]...
Server 2008r2
Seesion State:
Cooke Settings: Mode: Use Cookies;
Broswer IE8
Default settings
View 3 Replies
Similar Messages:
Apr 11, 2012
How to distroySession in asp.net(vb). When I Distroy the session if i click to the back button it will not redirected to previous page.I used
Session.Abandon()Response.Redirect("Default.aspx")
on the click of logout_linkbutton.but when i click back button in browser its go back to previous page. But when i click on any control it will redirected to Default.aspx.
View 1 Replies
Feb 3, 2011
I created a user control for my web application that checks for Session Timeout. If the criteria are met for Timeout, I use Response.Redirect to send the user back to the login page. I include this user control in my Master page, and run the SessionTimeoutcode in the user control's Page_Init event. That all works great. However, once the user logs in again after time-out (and I have verified that the OnLoggedIn event does fire) the user is redirected to the DestinationPageUrl. That page runs the Session Timeout check when it loads (as it should) and the Session Timeout code "says" that the session is still timed-out.
View 1 Replies
Mar 26, 2011
How can I prevent user to go back after logging out from any of the page of my website ? Even if the user press back button, redirected to the login.aspx page. Like we have seen in social or any other member ship sites.
View 3 Replies
Feb 22, 2011
I need to disallow the user from clicking the back button after they have login to the web site.
I have to stop them from going back after thay have logout from the web site.
I find out online that this can be done
but once the javascript function is turn off it does not work.
[Code]....
Is there any way to really stop go back function in the above situation? I wonder how the bank commercial web site handle this kind of situation?
View 2 Replies
Nov 15, 2010
How can I force a user to logout when he press the browser back button ?
View 11 Replies
Aug 18, 2010
how to avoid viewing the last page visited by the user after logging out.
View 2 Replies
Sep 15, 2010
I am using ASP.NET, the web page is abandoning and clear session when a user click logout link but they click the back button and it is still showing the previous page. How can it prevent the previous page after logout? on Logout.aspx load im using this code
Session.Clear();
Response.Buffer = true;
Response.ExpiresAbsolute = DateTime.Now.AddDays(-1D);
Response.Expires = -1500;
Response.CacheControl = "no-cache";
//----- Second Technique : To Stop Caching of Secure Pages.
Response.Cache.SetCacheability(HttpCacheability.NoCache);
FormsAuthentication.SignOut();
if (Session["UserName"] == null)
{
Response.Redirect("login.aspx");
}
Session.Clear();
View 4 Replies
Jan 26, 2010
I have an option in my website to logout from session and redirect to login page. So I get redirected and if I try to login again it seems like it tries to redirect me to login page over and over, until I click some page in menu and login and it does works. so, doesn't the login control always redirect to same DestinationPageUrl? here the logout code:
[Code]....
View 12 Replies
Jul 25, 2013
When I click Logout page redirect to Login page but when click to browser arrow back then it will goes back, I want to after Logout cannot going to back page...
View 1 Replies
May 7, 2015
I read the article [URL] .... It works well for me. But I want to know how to logout.
View 1 Replies
May 4, 2010
I have written custom code for login and logout...When use clicks on logout button the current session is closed and user is redirected to a login.aspx page...The problem is that when a user click a back button on internet explorer it the previous page he was navigating is shown to him...(altough he cant perform any operation as session is null and their is condition in page load that if session is null user should be redirected to login page)May i have to clear cache of client ??
View 3 Replies
Oct 13, 2010
Need the code for the login /logout in my sample project and how to attin logout in the all pages. dont mistake me as i am learning (fresher) the asp.net 2005
View 2 Replies
Sep 20, 2010
We use windows authentication. User opens our website in tab1 and does some action but with out clicking on save he opens a new tab tab2 and opens the same website again. Now, if the user session in tab1 is active i need to warn users that the he is already logged on to application in some other browser and go to some log out page. But if the user session in tab1 is timed out then he must be able to continue with the website in tab2 as usual, but if he tries to do anything in tab1 he should go to session expired page.
I tried implementing it in following way.
I have a hidden field in each page which will be set to unique Id using GUID.NewID().
when user requests for a page the following code is executed.
[Code]....
View 1 Replies
Mar 10, 2011
I would like to insert a GUID into my table, then pass that variable to another page where I will use it in an email validation. Is this how you create a GUID?
[Code]....
Is this how I would insert it into my table?
[Code]....
View 6 Replies
Jan 12, 2011
I think my subject line explains my problem in a nutshell.. I have a login page, I login like I should and everything works.I logout and when I type/paste the address to the page, in the address field, I still reach it just like if I was still logged in..The page I type in the address field is in a subfolder, only suppose to be able to be reached by logged in users and in this folder,ith it's own web.config-file:
<?xml version="1.0"?>
<configuration>
<system.web>
[code]...
View 9 Replies
Nov 11, 2010
I have some code in my page load event where I just want to fire once when the user opens the Browser. The only issue is if you open a new tab with the same website the session variable does not reset. Is there a way to reset the session variable when you open a new tab or do you have to take the whole web browser down for it to clear the session variable.
In Global Page:
[code]....
View 2 Replies
Nov 29, 2010
I have this issue as I seen many before has had with the website allowing the user to step back once logged out. I have seen this code below recommend to solve the problem, and it works. But my questions are, is this the best way of doing it? I dont want to cache any of the secure pages? Will the web app run slower with out cashing secure pages? Is there an alternative?
Response.Buffer = True
Response.ExpiresAbsolute = Now().Subtract(New TimeSpan(1, 0, 0, 0))
Response.Expires = 0
Response.CacheControl = "no-cache"
View 2 Replies
Jan 4, 2010
I am having a small doubt. Suppose i am in some xyz.aspx page there i clicked log out button and the form redirects to login page. When i login again the page is redirecting to the sme page form where i logged out. But i need to display home page how can i do this.
View 7 Replies
Oct 6, 2012
when i logout from profile i cleared all the session created when user login.but after logout it goes to back page.u provided may solution but no is worked.
View 1 Replies
Aug 8, 2010
In the logout link button click event I have cleared the session variables.I am checking these session variables for null values at each page's load event.If it has the null value redirecting them to the login page.But the problem is whenever I click the browser back button,the page_load event won't get called.For that I have cleared the the browser cache history.
View 2 Replies
May 30, 2013
how to prevent back button after logout in asp.net
View 1 Replies
Apr 21, 2010
I have a web application build in asp.net and using a custom membership provider for authentication and authorization. Everything works fine except when the user click on the logout link to log out of the application and being redirect to a default cover page, if the use click on the BACK BUTTON on their browser, it will actually go back to where they were before and the data will still show up.
Of course they can't do anything on that page, click on anything link they will be redirect to a login page again. But having those information display is making a lot users confused.
i am just wondering if there is any way i can either clear the browser's history so use can't go BACK, or when they click on the back button and have them redirect to the login page.
View 7 Replies
Jul 6, 2010
I'm debugging some unexpected behavior and while tracing in to the .NET framework I see a bunch of stuff like this:
if (Logging.On) {
Logging.PrintInfo(Logging.Web, this, SR.GetString(SR.net_log_n_certs_after_filtering, filteredCerts.Count));
...
}
But (as expected by default) the execution steps right over these. Is there some way to turn on the logging? Or is that just something that the framework developers can do while making special builds of the framework?
View 1 Replies
Aug 20, 2010
disable back button on my asp.net application. I Should not be able to go back to my previous page after I logout.
View 2 Replies
