Re: How to prevent the logined user record is existing when I closed browser.

From: ABC (abc.abc.com)
Date: 10/24/05

Next message: Dominick Baier [DevelopMentor]: "Re: How to prevent the logined user record is existing when I closed browser."

Previous message: Dominick Baier [DevelopMentor]: "Re: How to prevent the logined user record is existing when I closed browser."
In reply to: Dominick Baier [DevelopMentor]: "Re: How to prevent the logined user record is existing when I closed browser."
Next in thread: Dominick Baier [DevelopMentor]: "Re: How to prevent the logined user record is existing when I closed browser."
Reply: Dominick Baier [DevelopMentor]: "Re: How to prevent the logined user record is existing when I closed browser."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 24 Oct 2005 15:32:02 +0800

no setting cookie timeout.

"Dominick Baier [DevelopMentor]" <dbaier@pleasepleasenospamdevelop.com>
wrote in message news:4256546011ce748c7a6920cfe6218@news.microsoft.com...
> Hello ABC" abc.abc.com,
>
> how are you setting the cookie?
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
>> How can I disable persistent cookies?
>>
>> "Dominick Baier [DevelopMentor]"
>> <dbaier@pleasepleasenospamdevelop.com> wrote in message
>> news:4256546011ce1c8c7a68ac886c370@news.microsoft.com...
>>
>>> Hello ABC" abc.abc.com,
>>>
>>> don't use persistent cookies.
>>>
>>> ---------------------------------------
>>> Dominick Baier - DevelopMentor
>>> http://www.leastprivilege.com
>>>> I write a web site with security and role management using ASP.NET's
>>>> security management system. Once a user logined, then Close
>>>> browser. Re-open Browser to enter web site, the last logined user id
>>>> is existing. How can prevent this case?
>>>>
>>>> Thanks
>>>>
>
>

Next message: Dominick Baier [DevelopMentor]: "Re: How to prevent the logined user record is existing when I closed browser."

Previous message: Dominick Baier [DevelopMentor]: "Re: How to prevent the logined user record is existing when I closed browser."
In reply to: Dominick Baier [DevelopMentor]: "Re: How to prevent the logined user record is existing when I closed browser."
Next in thread: Dominick Baier [DevelopMentor]: "Re: How to prevent the logined user record is existing when I closed browser."
Reply: Dominick Baier [DevelopMentor]: "Re: How to prevent the logined user record is existing when I closed browser."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: FormsAuthentication.SignOut(); doesnt work...
... use a tool like www.fiddlertool.com to check if the cookie is really cleared... ... Dominick Baier - DevelopMentor ... > After 'logging off', ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: "secure" flag for HttpCookies
... Dominick Baier - DevelopMentor ... the client will not send the cookie to the server on all requests. ... But this doesn't matter cause an attacker can just sniff the cookie on ...
(microsoft.public.dotnet.security)
Re: asp.net login contol using url redirect
... Dominick Baier [DevelopMentor] wrote: ... > You have to manually issue the cookie and set the Domain property on the ... >> If however I include the site in a frame on another site, e.g., ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: XML Webservice authentication
... what do you mean with "but will need to be authenticated via a cookie" ?? ... Dominick Baier - DevelopMentor ... "web service way" would be to use a SOAP header. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: forms authentication -- expired forms cookie vs. not provided forms cookie
... Dominick Baier - DevelopMentor ... present, but if the forms cookie is present and expired, I want them to get a timeout page. ... Is this possible with forms authentication? ...
(microsoft.public.dotnet.framework.aspnet.security)