After FormsAuthentication.signout(), go to login page again 2

[christheprogrammer]

Hi all,
I have a default.aspx page which is made up of several frames. I am using forms authentication, and when the user signs out, how can I make it so that the frames dissappear, and the login page appears on its own? (currently when the signout button is pressed, the login page appears inside the main frame - unsecured). Here is my code for the signout button:

Private Sub signOutButton_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles signOutButton.Click
FormsAuthentication.SignOut()
Session.Abandon()
Response.Redirect("Default.aspx", True)
End Sub

Thanks in advance Chris

 

[Zarcom]

Hahaha
*laughing on the edge of insanity.

I have/had the exact same problem Chris. I got some help previously you might want to check out. Since then I have moved on to other things, though I need to fix this eventually. You can check it out here.
thread855-279459
I am considering using a hyperlink object as it has a target property. Once that is set up I had thought to programmatically call the click event for that hyperlink.

Once I go through these options I will get back to you.

HTH

 

[christheprogrammer]

Thanks Zarcom, looks like you have the exact same problem. I knew the Hyperlink object had a target property, I was just hoping to do it using a nice button to keep with the layout/design of the site - how about this (little hack) - If a put an invisible hyperlink on the page, and when the user presses the button, it redirects to the hyperlink's value... I'm gonna try it
Chris

 

[christheprogrammer]

Unfortunately I can't see an obvious way to programmatically "click" the hyperlink, so I don't think this will work... Chris

 

[Zarcom]

I just went through that as well and can't see it either. I am considering building a custom control for this. Should I end up following this route I will provide a link to it for you.

 

[Zarcom]

yahoo no need for a custom control.

I found a solution in the exact opposite place I was looking for. Put the following code in your login page itself.

In the body tag of the page include this.

onload="TopLoad()"


Somewhere near the top of the page put this in

<SCRIPT LANGUAGE=&quot;javascript&quot;>
<!--

function TopLoad(){
if (window.top != window.self)
{
window.top.location=&quot;login.aspx&quot;;
}
}
//-->
</SCRIPT>


I have submitted this solution as a FAQ as well.

 

[christheprogrammer]

Oh, I Like that! Great work, Zar, thanks Chris

 

[Zarcom]

hey no problem. Glad to help and thanks for the star

 

[christheprogrammer]

No sweat ,hey one other minor question, when you have a login page, do you knoiw how to get the cursor to appear in the username textbox on page load? Just a minor thing... Chris

 

[Zarcom]

haha so you would think it isn't so minor however.
I ended up building a custom control for this one. If you merely want the one field you can just put call this javascript in your page on load function


document.getElementById(controlidhere).focus();


If you want to control this programmatically you can email me or post here and I can send you the control I have.

 

[christheprogrammer]

Thanks, that's all I needed. Your advice did the trick again. I'll try to figure out your other post about the datalist to repay you.... Chris

 

[Zarcom]

That what the forums are all about helpin each other I am just glad I could help and thanks for any input you give on the datalist thing.

 

[christheprogrammer]

Ahhh, I found another problem with this... My Page_Load function does not run to sign off the users properly now, because the topLoad() javascript function is executed immediately on the page loading. So, it appears as if the users never signed off even though they did. Any possible solutions for this? I know I could have two pages, one to do the signing off then redirecting to another which has the javascript function, but that may be slightly too hackish..

Any suggestions? Chris

 

[Zarcom]

not quite sure what you mean here Chris

 

[christheprogrammer]

I just meant that if you put onload=&quot;topLoad&quot; in the body tag of the html, then the vb codebehind function Page_Load is never executed, the javascript redirection occurs before the page_load function can execute. This means that you cannot perform signout operations such as:

FormsAuthenticate.signout()

unless you do it in two steps:

1. Get rid of the frames:
<SCRIPT language=&quot;javascript&quot;>
function topLoad(){
if (window.top != window.self){
window.top.location = &quot;logoff.aspx&quot;
}
}
</SCRIPT>

2. create a page called logoff.aspx and the page_load function will be executed for that page.

Hope this clears it up a bit Chris

 

[jfrost10]

Hey Chris,

I just did EXACTLY what you are asking about the past few days, and wanted to give you my take on how i pulled it off:

In my frames page, in the main frameset tag, I have this:
onunload=&quot;Javascript:window.open(&quot;Logoff.aspx&quot

In my Logoff.aspx page, I have code in the page load that deletes the login information for that user. Then, in the body tag of the page, I have
onload=&quot;Javascript:window.close()&quot;
Since the code behind fires first, the user is logged out AND the logoff.aspx page is never seen (or at the most, seen for a split second).

Now, you want to redirect to a login page. No problem. I'm guessing you have a logout button on one of the pages in your frames. When the user clicks this button, all you have to do is a Response.Redirect to your login. Now, i your login page, you need to put this code in:

if (top != self)
{
top.location = location
}

This will prevent your login page from appearing in a frame (assuming thats what you want). But what about the logout? Thats the beauty of it: that code for logging out will happen whether the browser closes, the user browses to another site, or a redirection happens!

So to sum up:
- your framespage will have code that will open a page to log off your user whether the user closes the browser or redirects to a new page
- your logoff button code merely has to redirect to your login page
- your login page needs code to keep it from showing up in a frame.

Thats all there is to it!


jack

 

[christheprogrammer]

Thanks Jack, that really helps having the logoff code execute whether the user closes the browser, or clicks signoff. I haven't tried it yet, but I will do it now and let you know if it worked... Chris

 

[christheprogrammer]

Ok, Jack you da man - that works perfectly, and the fact that the logoff occurs when the browser is closed is awesome. Thanks for the post and here's a star

:>

Chris

 

[jfrost10]

Sweet! THanks for the star, and glad I coul help


Jack

 

[Guest_imported]

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
'Put user code to initialize the page here
FormsAuthentication.Signout()
Session.Abandon()
End Sub

I am trying to use the above Code for LogOff operation.
It doesn't work. I have given credentials in Web.Config file
First time the user should enter their username and password(logon.aspx) then the page process the default.aspx file after checking their credentials its working fine.
The default.aspx file has a menu &quot;logoff&quot; if the user click the menu it process the logoff.aspx file(Just like a Link).
I have a link in logoff.aspx file which bring back to default.aspx.
Here is the problem it directly goes to the default.aspx page. How it is happening?
If the above code is works then the Link in logoff page should check the user crendentials i.e it should go to only logon.aspx file not Logoff.aspx.


Web.Config
<configuration>
<system.web>
<compilation defaultLanguage=&quot;vb&quot; debug=&quot;true&quot; />
<customErrors mode=&quot;RemoteOnly&quot; />
<authentication mode=&quot;Forms&quot;>
<forms name=&quot;appNameAuth&quot; loginUrl=&quot;Login.aspx&quot;
timeout=&quot;30&quot; path=&quot;/&quot; protection=&quot;All&quot;>
<credentials passwordFormat=&quot;Clear&quot;>
<user name=&quot;xxxx&quot; password=&quot;password&quot; />
</credentials>
</forms>
</authentication>
<authorization>
<deny users=&quot;?&quot; />
</authorization>
</system.web>
</configuration>