Re: W3SVC and asp.net



Here is some relevant code....

<authentication mode="Forms">
<forms name="BalloonShopLogin" loginUrl="login.aspx" timeout="60"/>
</authentication>

The loginstatus control does not have LogoutAction or LogoutPageUrl specified,
which makes it refresh the current page by default.... This would explain the
previous behavior of the page attempting to obtain user membership on an
anonymous user. However, on the test server, once I click LOGOUT , it logs
out and returns to login.aspx. in the forms authentication, whatever
loginURL I specify that is the page that is redirected to upon logout... WHY?
and also this is not true all the time on the test server. When I log out
from page1.aspx it returns me to login.aspx, however when I logout of page2.
aspx, it just refreshes the page and does not return me to login.aspx.

thanks

--
Message posted via WinServerKB.com
http://www.winserverkb.com/Uwe/Forums.aspx/iis-security/200703/1

.