Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Clearing a session in ASP.NET

Tags:

.net

asp.net

session

logout

siteminder

I'm a new developer, and I've been assigned the task of figuring out why our log out function is not working. I've tried every possible method I can find. Below is the log I've kept that includes the methods I've used.

  1. Added a log out button to the CommonHeader.ascx form

  2. Have tried numerous methods in the logout.aspx.vb form to get it to end or clear the session but none of them work.

a. ClearSession sub routine defined in the logout.aspx.vb form:

Session("Variable") = ""
FormsAuthentication.SignOut()
Session.RemoveAll()
Session.Abandon()
Session.Clear()

b. Also added this to the top of the Page_Load sub routine: 

HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache)
HttpContext.Current.Response.Cache.SetNoServerCaching()
HttpContext.Current.Response.Cache.SetNoStore()

c. Also changed the ClearSession sub routine to Session.Contents.Remove("Variable") from Session("Variable") = ""

None of these methods work. We use Siteminder, and I've been wondering if this is the root of the problem. I just can't find anything on clearing a Session that uses Siteminder. Also keep in mind this application is coded with Visual Studio 2003.

This is the code for the button I'm using in the ascx file:

athp:TopNavText Title="Log Out" NavigateUrl="logout.aspx" Target="_top"/

Then on the "logout.aspx" form I've tried just using one of the methods described above or a combination of each one. This is the code before I ever touch it:

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load  

     ClearSession() 
     Response.Redirect("login.aspx") 

End Sub 

Public Sub ClearSession() 

     Session("Variable") = "" 

End Sub
like image 353
gbills Avatar asked Oct 12 '12 15:10

gbills

1 Answers

Finally figured out the solution, I originally did not define the domain upon deletion of the cookie which contained the siteminder session id. The code I used is as following:

        Dim cookie3 As HttpCookie = New HttpCookie("SMSESSION", "NO")
        cookie3.Expires = DateTime.Now.AddYears(-1)
        cookie3.Domain = ".domain.com"
        Response.Cookies.Add(cookie3)

        Response.Redirect("login.aspx")
like image 198
gbills Avatar answered Oct 13 '22 12:10

gbills
Sign in to Comment

Related questions

stop Response.Redirect from encoding
Add Classes to LI in ASP.NET RadioButtonList
Treeview from sql table
Can I modify an MVC route outside of Global.asax?
Creating a SECURE high score service using ASP.NET MVC 3
Asp.net MVC 3 Conditional validation with DataAnnotations
What are the prerequisites for installing an ASP.NET application?
Is giving each of my customers a dedicated database and app pool scaleable? [closed]
ASP.NET: UpdateProgress doesn't work with controls that have ClientIDMode="Static"
Remove whitespaces and newlines when parsing with HtmlAgilityPack
IIS 7 Logging Web Service methods
Error in Dropdownlist
Setting HTTP cache control headers in WCF service
A potentially dangerous Request.Form value was detected from the client
Why is Request.ServerVariables["HTTP_HOST"] different from Request.Url.Host?
Why is Web.config looking for configSource in project folder instead of bin?
How to run .bat file on server after web deploy publish
ASP.NET membership provider with EF
500 Internal Server Error IIS7 Encoded url
AD User Authentication

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!