clear session on click of logout button

Question

0.00/5 (No votes)

See more:

I m working on an application in which i log in using empID and password. I ve added the value of EmpID in session and using it in aspx pages for certain validations.
The problem I am facing is when I log in and open a page like default2.aspx and copy the url from browser. I ve placed a logout button on default2.aspx page in which I ve called these functions

VB

session.abandon()
session.clear()

none of them is working i.e. when i press logout button i redirected succesfully to main login page clearing the session values but when paste the url of default2.aspx page, my application just enters the page without any session value errors,even the page_load function doesn't run where i can check if session has some values.

I just need that whenever user paste the url of default2.aspx in same browser(without closing it) after logout, it should give him an error that session expired!Login to continue

Pls help

Posted 12-Jul-11 5:15am

dush71816

Add a Solution

Comments

Maciej Los 12-Jul-11 14:58pm

If both methods not working, try to set EmpID = 0 (or any value that not exists). It' a little joke ;) but i recommend you to read this article: session state overview[^]. It would be helpful.

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

thatraja · Answer 1 · 2011-07-12T19:45:00

Solution 1

Look at this Tip/Trick

Browser back button issue after logout[^]

Posted 12-Jul-11 19:45pm

thatraja

Comments

Abhijit Jana 13-Jul-11 3:17am

I don't think OP is looking for this one, his problem is something else. But this will also help in next step when he overcome the current problem :)

Abhijit Jana · Answer 2 · 2011-07-12T21:15:00

You mentioned
"when i press logout button i redirected succesfully to main login page clearing the session values but when paste the url of default2.aspx page, my application just enters the page without any session value errors,even the page_load function doesn't run where i can check if session has some values."

Are you checking for session variable on that page ?

Let say, you have session Variable Session["UserName"] = "Something" . When you do call Session.Abandon(), it destroy the all session object. So Session["UserName"] became null.
What you need to check in your Page_Load() is

if(Session["UserName"] != null )
  {
    // Do your Stuff
  }
   else
   {
    // redirect to login page
   }

for generic implementation create a Base Page Class with all the global validation related checks and inherited other page from global base page, so you do not need to write this logic for all pages !

If you really interested to look how session clears session variable, have a look
ASP.NET Internals : “Clearing ASP.NET Session Variables” a in-depth look[^]

Hope this will help !