CODEDIGEST
Home » CodeDigest
Search
 

Technologies
 

FormsAuthentication.SignOut() does not reflect in LoginStatus and LoginName control in ASP.Net
Submitted By Satheesh Babu B
On 10/26/2008 10:57:52 PM
Tags: asp.net,CodeDigest  

FormsAuthentication.SignOut() Problem with LoginStatus and LoginName control in ASP.Net

 

 Suppose, if we have password reset feature in our ASP.Net site then the user should be forced to logged out once he chooses the new password, clicked save. He should be asked to login again and verify the new password.

When a user is already logged he can reach the form PasswordReset.aspx and he can choose the new password. When the user types in the new password and clicked save the user is made logged off by calling SignOut() method of FormsAuthentication object. Refer the code below,

 

int res = userDAO.ResetPassword(User.Identity.Name, txtOldPassword.Text, txtConfirmPassword.Text);

lblMessage.Text = SUCCESSMSG;

FormsAuthentication.SignOut();

 

The actual problem is here. After the password reset is successful the above code will log out the user as planned. But the LoginStatus and LoginName controls on the page will still show the status of the user as logged in.

 

 

When the form is refreshed or for the subsequent server trip the status of the user that is displayed on the form will be successfully changed to logged out.  The cause for this problem is even after the FormsAuthentication.SignOut(); line execution the context information of the current request will still hold the logged in user information i.e. On executing the line Context.User.Identity.Name after the signout code will still give the logged in user information and thus LoginStatus control didn’t reflect the logout change. From the next request Context.User.Identity.Name will have no value in it which will make the login control to behave correctly.

 

The work around for the above problem will be making the User attribute of Context object to null.

The final code is,

 

int res = userDAO.ResetPassword(User.Identity.Name, txtOldPassword.Text, txtConfirmPassword.Text);

lblMessage.Text = SUCCESSMSG;

FormsAuthentication.SignOut();

Context.User = null;

 

The other way of solving this problem is by redirecting the user to the login page after changing the password. But you need to have some logic to notify the user that password is successfully changed.

 

 
Do you have a working code that can be used by anyone? Submit it here. It may help someone in the community!!
Recent Codes
  • Convert DateTime to Different TimeZone in C#, ASP.Net
    		•
  • Get Month Name and Day name for a Date in C#, ASP.Net
    		•
  • Format DateTime based on Country or Culture in C#, ASP.Net
    		•
  • Get All Language-Country Code List for all Culture in C#, ASP.Net
    		•
  • How to strip HTML tags, HTML Encode and Decode HTML string using jQuery/JavaScript in ASP.Net?
    		•
  • How to search a folder or file under a directory using wildcard in C#?
    		•
  • Disable or Make a ListItem Non selectable ASP.Net DropDownList
  • Block or Disable Cut, Copy and Paste operation in ASP.Net TextBox Using jQuery
    		•
  • How to split string using C#?
    		•
  • How to check if a String is Integer in C#? (Part 2)
    		•
    View All Codes..
     
    www.codedigest.com. All articles are posted "AS IS" with no warranties. All articles are posted for educational purpose only and individual authors are responsible for their article. Please mail admin@codedigest.com for any queries or compliants.
    Disclaimer  Terms and Condition  Privacy Policy  Contact Us   Our network websites: ChennaiOnNet.Com