I'm using MySQL Connector/.NET, all its providers with FormsAuthentication.
I need all users to log out at some moment. The method FormsAuthentication.SignOut()
does not work like I want.
How can I make a logout of all site users?
The Force Logout command logs a user out of the CORE Server. This command is accessed from the sessions section of the administrative tools, and the selected active users are logged out. The login screen appears for the user to exit CORE or log back in.
1. Click the avatar at the top-right corner of the page. 2. Click the “Sign Out” link below the large profile photo on the page.
As Joe suggests, you could write an HttpModule to invalidate any cookies present before a given DateTime. If you put this in the config file, you could add / remove it when necessary. For example,
Web.config:
<appSettings>
<add key="forcedLogout" value="30-Mar-2011 5:00 pm" />
</appSettings>
<httpModules>
<add name="LogoutModule" type="MyAssembly.Security.LogoutModule, MyAssembly"/>
</httpModules>
HttpModule in MyAssembly.dll:
public class LogoutModule: IHttpModule
{
#region IHttpModule Members
void IHttpModule.Dispose() { }
void IHttpModule.Init(HttpApplication context)
{
context.AuthenticateRequest += new EventHandler(context_AuthenticateRequest);
}
#endregion
/// <summary>
/// Handle the authentication request and force logouts according to web.config
/// </summary>
/// <remarks>See "How To Implement IPrincipal" in MSDN</remarks>
private void context_AuthenticateRequest(object sender, EventArgs e)
{
HttpApplication a = (HttpApplication)sender;
HttpContext context = a.Context;
// Extract the forms authentication cookie
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = context.Request.Cookies[cookieName];
DateTime? logoutTime = ConfigurationManager.AppSettings["forcedLogout"] as DateTime?;
if (authCookie != null && logoutTime != null && authCookie.Expires < logoutTime.Value)
{
// Delete the auth cookie and let them start over.
authCookie.Expires = DateTime.Now.AddDays(-1);
context.Response.Cookies.Add(authCookie);
context.Response.Redirect(FormsAuthentication.LoginUrl);
context.Response.End();
}
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With