Vb.net logout

**Shashi Sadasivan** · Apr 5 '10, 05:41 AM

The browser caches the pages visited, which is what you need to clear / disable

put this line in the Page_load of every page that you dont want to be cached (alternatively you can put this in the master page too)

Code:

Response.Cache.SetCacheability(HttpCacheability.NoCache);

Here is a link with this discussion

Developer technologies - Microsoft Q&A

http://forums.asp.net/t/1060173.aspx

A broad category of Microsoft tools, languages, and frameworks for software development. Designed to support developers in building, debugging, and deploying applications across various platforms.

**sasasasa** · Apr 6 '10, 04:00 PM

Thanks for reply, I used this but it is not working. I am using

Code:

 Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

        Response.Cache.SetCacheability(HttpCacheability.NoCache)
        Response.Cache.SetAllowResponseInBrowserHistory(False)


    End Sub

Am I doing something wrong, please help me. It is still not logging out.
Sa

**Frinavale** · Apr 6 '10, 04:50 PM

That will simply prevent the user from returning to the page that is cached in the browser. To log out the user you have to do "something" to log out the user.

When the user logs in what do you do?

**sasasasa** · Apr 6 '10, 06:31 PM

just Response.Redire ct to the page I want user to go after logging in. I don't know if how to transfer user information to that new page.
Sa

**Frinavale** · Apr 6 '10, 07:26 PM

Well then you aren't "logging in" the user so there's no way to log out the user.
An old-school way to do "log in" a user would be to set a variable in Session and to check that variable every page access...if there is no variable there then you know that the user is not "logged in".

For example, in your Login page you would check to make sure that the user provided the correct userID and password and then you would store the UserID in session:

Code:

'when the user tries to log in, check to make sure they provided
'valid credentials...if that authenticates then store the user ID in session
If authenticateUser(txt_userID.Text, txt_password.Text) = True Then
  Session("userID") = txt_userID.Text
End If

Now you have to check to make sure that a value exists in Session("userID ") on every page that is restricted to logged in users. If this does not exist then you redirect them to the login page (or something).

So in every Page Load you will have:

Code:

If Session("userID") Is Nothing Then
  Response.Redirect("~/login.aspx", True)
End If

When the user logs out, either use Session.Abandon (which cleans up everything in session and is probably the best thing to use) or you can just set Session("userID ")=nothing.

This is very basic authorization stuff :)

-Frinny

**sasasasa** · Apr 8 '10, 02:43 AM

Thanks for your help. This procedure seems good and easy to apply but when we press the back button in the browser it still goes back as if the person is logged on still.
I am using
Session("UserNa me") = txt_UserName.Te xt
when the username and password matchs the database values. And on the secured pages
If Session("UserNa me") Is Nothing Then
Response.Redire ct("~/Login.aspx", True)
End If
It works till here. Then on the logout click button I have written
Session.Abandon ()
Session("UserNa me") = Nothing
Response.Redire ct("~/Login.aspx)
The page is redirected to the Login page but the user doesn't log out. The browser back button takes me back to the secured page.

I don't know what to do.

**Frinavale** · Apr 8 '10, 03:14 AM

That's a bit tricky.
You can try what has already been suggested...you can try setting the expiry date of the pages and using meta tags to try and tell the browser not to cache things. But I haven't found that any of these techniques work (well they kind of do in some browsers but not others and it's just not worth it)

The only way I've found to get around this is to use Ajax on the page.
If you place the page's content in an UpdatePanel than anything the user does on the page wont be cached. It can't be because the browser can only cache full page requests (right now).

So if the user hits the back button they won't see any of the previously entered data...they'll just see the page as it was before they did any work in it.

As soon as the user does anything that causes a post back to the server then they will be redirected again.

You may be able to use JavaScript in some way to send a request to the server but I'm not sure how you'd detect this and to be honest I think it might be tricky to implement.

-Frinny

Vb.net logout

Vb.net logout

Comment

Comment

Comment

Comment

Comment

Comment

Comment