Hi,
I've implemented the forms authentication just like the following msdn
article http://msdn.microsoft.com/library/de...SecNetHT02.asp
(watch out for the line wrap)
Everything is working fine. Once the user is authenticated, he/she can
navigate out to the secure portion of the site and navigate back while
the ticket hasn't expired.
But the world isn't perfect and I was asked to implement a logoff
option. So I think I need to 'kill' the ticket. I've tryied a lot of
things with no success. For example (cookieName is a var containing
the cookie name generated by the FormsAuthenticationTicket object):
Context.Request.Cookies[cookieName].Expires = DateTime.Now;
or
Context.Response.Cookies[cookieName].Value = null;
or
Response.Cookies[CookieName].Expires = DateTime.Now;
or
Response.Cookies[CookieName].Value = "";
or
Response.Cookies.Remove(CookieName);
None of above expired the ticket, disabling the user to navigate back
to the site's secure area.
Any idea?
TIA
Valmir