Click here to Skip to main content
14,973,117 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I m working on an application in which i log in using empID and password. I ve added the value of EmpID in session and using it in aspx pages for certain validations.
The problem I am facing is when I log in and open a page like default2.aspx and copy the url from browser. I ve placed a logout button on default2.aspx page in which I ve called these functions

VB
session.abandon()
session.clear()



none of them is working i.e. when i press logout button i redirected succesfully to main login page clearing the session values but when paste the url of default2.aspx page, my application just enters the page without any session value errors,even the page_load function doesn't run where i can check if session has some values.

I just need that whenever user paste the url of default2.aspx in same browser(without closing it) after logout, it should give him an error that session expired!Login to continue

Pls help
Posted
Comments
Maciej Los 12-Jul-11 14:58pm
   
If both methods not working, try to set EmpID = 0 (or any value that not exists). It' a little joke ;) but i recommend you to read this article: session state overview[^]. It would be helpful.

Look at this Tip/Trick

Browser back button issue after logout[^]
   
Comments
Abhijit Jana 13-Jul-11 3:17am
   
I don't think OP is looking for this one, his problem is something else. But this will also help in next step when he overcome the current problem :)
You mentioned
"when i press logout button i redirected succesfully to main login page clearing the session values but when paste the url of default2.aspx page, my application just enters the page without any session value errors,even the page_load function doesn't run where i can check if session has some values."

Are you checking for session variable on that page ?

Let say, you have session Variable Session["UserName"] = "Something" . When you do call Session.Abandon(), it destroy the all session object. So Session["UserName"] became null.
What you need to check in your Page_Load() is

if(Session["UserName"] != null )
  {
    // Do your Stuff
  }
   else
   {
    // redirect to login page
   }


for generic implementation create a Base Page Class with all the global validation related checks and inherited other page from global base page, so you do not need to write this logic for all pages !

If you really interested to look how session clears session variable, have a look
ASP.NET Internals : “Clearing ASP.NET Session Variables” a in-depth look[^]

Hope this will help !
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900