 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Security / October 2004Forms Auth and FormsAuthentication.SignOut()Question
I'm using Form Auth. I 'm using the FormsAuthentication.SignOut() to sign out But when the user logins in and later logs out using FormsAuthentication.SignOut() When the user clicks the back button he is still authenticated on the PAGE why!! Is there anyway i can remove the cache or something.. Any ideas????? The back button on the Browser will only show the page that is already on the client, this makes you think that you are authenticated but infact you are not because you just did a "FormsAuthentication.SignOut();" , none of your code on the page that is caused by the "Back" button at this point is executed because the page itself has not been back to the server yet. Now, if you attempt to push a button that does something on the server, then you will be presented a proper Login page. John > I'm using Form Auth. > I 'm using the FormsAuthentication.SignOut() to sign out [quoted text clipped - 4 lines] > Is there anyway i can remove the cache or something.. > Any ideas????? ok then John. I would try that out. But do you have any idea how to have a role based Forms Authentication when using Active Directory as a data store.I want to validate my users against ROLES in the Active Directory.. Thanks > The back button on the Browser will only show the page that is already on > the client, this makes you think that you are authenticated but infact you [quoted text clipped - 14 lines] > > Is there anyway i can remove the cache or something.. > > Any ideas????? > ok then John. > I would try that out. [quoted text clipped - 3 lines] > ROLES in the Active Directory.. > Thanks We donot allow AD integrated with IIS and Web based applications over internet. So as a result, I am not very familiar with this type of implementation. However, Google has a couple of good articles about this subject that may serve your needs. Here they are: http://dotnet.org.za/stuartg/articles/1415.aspx http://support.microsoft.com/kb/311495/EN-US/ Hope you do well, John Thanks John. Sorry i forgot to mention that its not internet but intranet! So the links u sent were good! But what 'm looking for is to actually use Active Directory as a datastore which i'm using and then perform authorisation that means the user in the domain can validate against roles(which is the same as Window Groups). So both my authentication and authorisation process would rely solely on Active Directory. What i want to know is how to create a GenericPrincipal object (or a custom IPrincipal object) and populate it with a set of roles obtained from a custom authentication data store like Active Directory Thanks all.. > > ok then John. > > I would try that out. [quoted text clipped - 16 lines] > > John Hi Patrick.. Pls find this article which throws light on different types of Forms based authentication.. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmod/html/sec mod03.asp HTH With Best Regards Naveen K S > I'm using Form Auth. > I 'm using the FormsAuthentication.SignOut() to sign out [quoted text clipped - 4 lines] > Is there anyway i can remove the cache or something.. > Any ideas????? Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.