Hi,
I m very greatful to you for responding my questions.
I have lot of queries as i m new to .net.
1.
i m not using any login form. i m using basic authentication which by default asks for username and password. After authentication user is redirected to default.aspx page 'n' in that page_load i m setting
session["username"]=loginusername.
'n' this is the reason of using logoff.aspx page.
code for
global.asax file is :
<%@ Application Language="C#" %>
<script runat="server">
void Application_Start(object sender, EventArgs e)
{
// Code that runs on application startup
}
void Application_End(object sender, EventArgs e)
{
// Code that runs on application shutdown
Application["URL"] = null;
Application.RemoveAll();
Application.Clear();
}
void Application_Error(object sender, EventArgs e)
{
// Code that runs when an unhandled error occurs
}
void Session_Start(object sender, EventArgs e)
{
Application.Lock();
string url = "";
//code to form the url
Application["URL"] = url;
Application.UnLock();
}
void Session_End(object sender, EventArgs e)
{
Session.Clear();
Session.RemoveAll();
Request.Cookies.Clear();
Request.Headers.Clear();
Session.Abandon();
}
</script>
code for
default.aspx.cs page is:
protected void Page_Load(object sender, EventArgs e)
{
string UserName = User.Identity.Name;//Request.LogonUserIdentity.Name;
Session["Username"] = UserName;
Response.Redirect("items.aspx?nid=Start");
}
and the code that i sent u earlier is for master page.
When sesion expires, session_end is not getting called at all.
So i m using session.abondon() in logoff.aspx page.
2. i m using basic authentication, so whenever after logoff i m opening site in same browser its not asking for login user 'n' password. it is directly opening the site.
Is there solution for this also?
3. i m providing facility to user to chenge the server date 'n' time and also shutdown/restart the server through webui.
When i tested my code locally via asp development, then its working fine. But after deploying the web app, when i m accessing site via
https://webapp then its throwing exception "Privilege not held".
Even i haveenabled privileges for the user.
Deployment scenario is :
Basic authentication 'n' identity is "LocalSystem".
Any help in this issue?
Thanks a lot.
Regards,
Anu
First of all you are specifically link them to the Log Out page in your redirect.
Why are you doing this? If their session doesn't exist then they are logged out are they not? Shouldn't you redirect them to your Log In page instead?
You should consider putting any log-out clean up in your Session_End event instead of redirecting your user to the Log Out Page.
I'm really note sure why Session_Start is called every time you click on a button in your site....unless you are not storing anything in session and then you are trying to access it to tell if the user is logged in.
Please post your code for your Log In Button Click so that I can see what you are doing.
-Frinny