fadi Posted September 23, 2003 Posted September 23, 2003 hello, i'm still on my implemention of a sign-in feature to a web site that checks if a certain user is not logged-in before allowing him to log in. Now i want to automatically sign the user out when the session ends. i placed the following code in the gloabl.asax session_end event: If Not Session("UserName") Is Nothing Then Dim myAccess As New Authentication() myAccess.UserName = Session("UserName") myAccess.SignOut() End If this code sings the user out by changing a boolean field in the database. The problem is that when the session expires, the Session("UserName") is set to nothing and i'm not able to determine who is the user that i should sign him out. if anybody can help i'll be thankfull.... thanks Quote
*Gurus* Derek Stone Posted September 23, 2003 *Gurus* Posted September 23, 2003 If the sessions ends the user should automatically be signed out. In a Web-based environment there is no absolute way of determining when the session has ended. You need to re-evaluate how your authentication scheme works, since it appears to be somewhat flawed if you need to explicitly log someone out. The absence of a cookie (or a session, little difference) should be enough to deny access. Quote Posting Guidelines
fadi Posted September 24, 2003 Author Posted September 24, 2003 well i used a cookie without storing it on the client machine (didnt set the expire property), the solution worked but i still have to try if the client blocked cookies would it work or not (it should bc i didnt store the cookie phisycally on the client Quote
*Gurus* Derek Stone Posted September 24, 2003 *Gurus* Posted September 24, 2003 The only place cookies are stored is on the client. Sessions also require cookies, unless you set the application's configuration file to act otherwise (append the session ID to the URL). Quote Posting Guidelines
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.