Re: How to prevent the logined user record is existing when I closed browser.

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 10/25/05 

Date: Mon, 24 Oct 2005 18:49:08 -0700

Hello ABC" abc.abc.com,

this has nothing to do with forms auth.

you must set the cookie somehow -

login control (2.0)
or
FormsAuthentication.RedirectFromLoginPage

??

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> I set the timeout = 1 on web.config.
>
> <sessionState timeout="1" />
>
> "Dominick Baier [DevelopMentor]"
> <dbaier@pleasepleasenospamdevelop.com> wrote in message
> news:4256546011cf428c7a6a8f87c3127@news.microsoft.com...
>
>> Hello ABC" abc.abc.com,
>>
>> ??
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> no setting cookie timeout.
>>>
>>> "Dominick Baier [DevelopMentor]"
>>> <dbaier@pleasepleasenospamdevelop.com> wrote in message
>>> news:4256546011ce748c7a6920cfe6218@news.microsoft.com...
>>>
>>>> Hello ABC" abc.abc.com,
>>>>
>>>> how are you setting the cookie?
>>>>
>>>> ---------------------------------------
>>>> Dominick Baier - DevelopMentor
>>>> http://www.leastprivilege.com
>>>>> How can I disable persistent cookies?
>>>>>
>>>>> "Dominick Baier [DevelopMentor]"
>>>>> <dbaier@pleasepleasenospamdevelop.com> wrote in message
>>>>> news:4256546011ce1c8c7a68ac886c370@news.microsoft.com...
>>>>>
>>>>>> Hello ABC" abc.abc.com,
>>>>>>
>>>>>> don't use persistent cookies.
>>>>>>
>>>>>> ---------------------------------------
>>>>>> Dominick Baier - DevelopMentor
>>>>>> http://www.leastprivilege.com
>>>>>>> I write a web site with security and role management using
>>>>>>> ASP.NET's security management system. Once a user logined, then
>>>>>>> Close browser. Re-open Browser to enter web site, the last
>>>>>>> logined user id is existing. How can prevent this case?
>>>>>>>
>>>>>>> Thanks
>>>>>>>

Relevant Pages

  • RE: asp.net login control not authenticating?
    ... Dominick Baier - DevelopMentor ... for some documentation on the login control, but, I haven't found any. ... to handle the Authenticate method manually in order to redirect the authenticated user to a specific URL based on the referring URL ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: asp.net login control not authenticating?
    ... that's not necessary - in fact - that's exactly the code that gets executed by the login control if Authenticate is NOT handled. ... Dominick Baier - DevelopMentor ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Securing static files
    ... Dominick Baier - DevelopMentor ... they are kicked back to the login page. ... The user may log in with other credentials. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: How to determine if the logged on user is in a group
    ... Dominick Baier - DevelopMentor ... I found that you to reboot the SERVER after you create a new group and put users in it so that the new group and the users appear in the whoami list on the server. ... although he is a member of these groups. ...
    (microsoft.public.dotnet.security)
  • Re: HOWTO: Prevent Dynamic Loading of internal Types
    ... Dominick Baier - DevelopMentor ... Henning Krause ... I could get the public key from the entry assembly via ...
    (microsoft.public.dotnet.security)