Hello all,
Not sure I can describe this adequately, but I am creating an endless loop
when an authenticated user signs out.
When the user signs out, I want to remove authentication, abandon session,
and redirect to default page. I need to use a custom cookie (I track separate
logins to multiple "companies"), so afaik can't use the standard
formsauthenication routines to create/delete the default ticket/cookie.
Here's the code to sign out:
...
login.DeleteAuthCookieEmail()
Session.Abandon()
Response.Redirect(MyURL.Default)
...
Public Shared Sub DeleteAuthCookieEmail()
Dim cookie As HttpCookie = New HttpCookie(GetAuthCookieName)
cookie.Expires = DateTime.MinValue
HttpContext.Current.Response.Cookies.Add(cookie)
End Sub
Here's code to create the cookie:
Public Shared Sub SetAuthCookieEmail(ByVal Email As String)
Dim cookie As HttpCookie = New HttpCookie(GetAuthCookieName)
cookie.Expires = DateTime.MinValue
cookie.Value = Email
HttpContext.Current.Response.Cookies.Add(cookie)
End Sub
(GetAuthCookieName just returns a company-specific string for the cookie
name).
When I delete my authentication cookie and then do the redirect, it
continues to run that block of code over and over. If I don't do the
redirect, it ends fine, which makes me guess that the removal of
authentication is "stuck" somewhere.
Anyway, I think I'm missing something fundamental with sessions, cookies,
tickets, and forms authentication, but just don't see it. All thoughts are
much appreciated.
tia,
Bill Borg