473,785 Members | 2,482 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

How can I Unauthorize a .NET session

I have an app that requires the user to login before accessing a
Register.aspx form. I am using Forms authorization so the lines in the
Web.config file are:

<authenticati on mode="Forms">
<forms loginUrl="Login .aspx">
</forms>
</authentication>

<authorizatio n>
<deny users="?" /> <!--deny unauthorized users -->
<allow users="*" /> <!-- Allow all authorized users -->
</authorization>

Sure enough when the user browses to the page inside the folder they are
sent to the Login.aspx file. Inside this login file, I check the user
credentials and return to the original page via:

// return to the original page
FormsAuthentica tion.RedirectFr omLoginPage(Use rID.Text, false);

In the registration page the user enters some information and then clicks
the Submit button that puts stuff in the SQL server database and transitions
to a confirmation page.

The question now comes, how can I remove the authorization at this point.
If the user goes back to the Registration.as px (the original page) they can
view the info directly. I want to make the user go through the Login.aspx
sequence again each time they push the Submit button on the information
collecting page.

I don't know how to unauthorize a user session from within the C# code that
is handling the Submit command.

I am using Visual Studio .NET 2003 and C#.

Any advice would be appreciated.

Ed
--
Edward E.L. Mitchell
Phone: (239)415-7039
6707 Daniel Court
Fort Myers, FL 33908
Jul 21 '05 #1
3 1317
Hi Ed,

First of all, I would like to confirm my understanding of your issue. From
your description, I understand that when the user clicks the submit button,
you need him to login again. If there is any misunderstandin g, please feel
free to let me know.

If you need the user login again, you can try to remove the authentication
ticket by calling FormsAuthentica tion.SignOut method. So next time, the
user's trying to access the registration page, he is required to login
again. You can check the following link for more information.

http://msdn.microsoft.com/library/de...us/cpref/html/
frlrfSystemWebS ecurityFormsAut henticationClas sSignOutTopic.a sp

HTH.

Kevin Yu
=======
"This posting is provided "AS IS" with no warranties, and confers no
rights."

Jul 21 '05 #2
Kevin,

That worked like a charm. Just the functionality that I was looking for.

Thanks for the feedback.

Ed
"Kevin Yu [MSFT]" <v-****@online.mic rosoft.com> wrote in message
news:vT******** ******@TK2MSFTN GXA02.phx.gbl.. .
Hi Ed,

First of all, I would like to confirm my understanding of your issue. From
your description, I understand that when the user clicks the submit
button,
you need him to login again. If there is any misunderstandin g, please feel
free to let me know.

If you need the user login again, you can try to remove the authentication
ticket by calling FormsAuthentica tion.SignOut method. So next time, the
user's trying to access the registration page, he is required to login
again. You can check the following link for more information.

http://msdn.microsoft.com/library/de...us/cpref/html/
frlrfSystemWebS ecurityFormsAut henticationClas sSignOutTopic.a sp

HTH.

Kevin Yu
=======
"This posting is provided "AS IS" with no warranties, and confers no
rights."

Jul 21 '05 #3
You're welcome, Ed.

Thanks for sharing your experience with all the people here. If you have
any questions, please feel free to post them in the community.

Kevin Yu
=======
"This posting is provided "AS IS" with no warranties, and confers no
rights."

Jul 21 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
1
7789
Passing SESSION Data
by: Paul | last post by:
Hmmm, didn't seem to work. I have set session.use_cookies = 1 and session.use_trans_sid = 1 in my php.ini file. Index.php contains: ---------------------------------------------------------------------------- <?php ini_set("session.use_cookies", "off"); ini_set("session.use_trans_sid", "on"); session_start(); $_SESSION = ""; $_SESSION = ""; echo "<form method='POST' action='login.php'>
PHP
27
7131
Reality Check: Session Hijacking
by: mrbog | last post by:
Tell me if my assertion is wrong here: The only way to prevent session hijacking is to NEVER store authentication information (such as name/password) in the session. Well, to never authenticate a user from information you got from the session. Each secure app on a site must challenge the user for name and password, each and every time the user accesses it (not just once and then store it in the session). If a secure app is multi-page,...
PHP
2
3309
Session troubles in IE, not Mozilla :(
by: Damien | last post by:
Hi to all, I'm currently re-designing our intranet : nice and lean CSS2, cleaned-up PHP 4.3.7, better-normalized MySQL ;o). So I've started using the $_SESSION variable instead of register_globals and a couple "better pratice" code. Not perfect, but better. Problem : I'm testing everything with Firefox on my machine (IIS on WinXP Pro), and everything is ok. As soon as I try MS IE 6, it doesn't seem to keep the sessions from page to...
PHP
3
266
How can I Unauthorize a .NET session
by: Edward Mitchell | last post by:
I have an app that requires the user to login before accessing a Register.aspx form. I am using Forms authorization so the lines in the Web.config file are: <authentication mode="Forms"> <forms loginUrl="Login.aspx"> </forms> </authentication> <authorization>
.NET Framework
0
3239
custom user session handler + PHPSESSID in cookie
by: joseph conrad | last post by:
Hi, I tried to implement my own session handler in order to keep control on the process the drawback I foun it is not creating and storing in my cookie the PHPSESSID variable anymore. reading te documentation it seems it should do it anyway any advice?
PHP
14
2382
Session variable trouble
by: aroraamit81 | last post by:
Hi, I am facing a trouble. I have some Session variables in my code and somehow my session variables are getting mixed up with other users. For example User A has access to 10 companies and User B has access to 5, now when both of us hits to the server at the same time then their session variables gets mixedup means either User A and USer B will have now 5 companies or both have 10 companies. Now again when User A hits to the server...
ASP.NET
7
3968
Session Conflict
by: aroraamit81 | last post by:
Well Guys, Here is a very strange trouble. When more than one users request tto same page at the same time then our session gets conflicted. Moreover I printed my SessionID, strangely but true I got the exact same SessionID as of other users's. Well I guess nothing wrong with my code, do I need to set any property in Web.Config file??
ASP.NET
1
2603
Retrive data from session variables
by: Santosh | last post by:
Dear All i am writting a code sending mail with attachement. i am writting code for sending mail in one page and code for attaching a file in the next page. aftet attaching a file i am taking name of that file from attaching file page to email page through in session file .i am giving a facility of attaching five files to user . and i am taking names of both files in session variables but user attach less than five five
ASP.NET
5
2437
session issues
by: lyealain | last post by:
<% If Session("username") = "" Then Response.Redirect("/CLS/Login.asp") End If Dim conn Dim connectstr Dim db_name, db_username, db_userpassword Dim db_server Dim res
ASP / Active Server Pages
0
9480
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
10324
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
1
10090
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
9949
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
6739
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
5511
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
4050
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
3645
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
3
2879
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us