Signout link not completely logging out user

Beau Cowan asked on May 5, 2014 20:42

I created a link on my Root.Master page with an asp click event that is supposed to logout the user. I can get them to go to the logout screen just fine, but when I type back in http://www.domain.com/en/foo/bar/ into the browser, it still shows the user as being able to access that page.

I've followed some of the code from the signout button widget, and I currently have this in my code: CMSContext.LogoutUser(); System.Web.Security.FormsAuthentication.SignOut(); CMSContext.CurrentUser = null; Response.Cache.SetNoStore(); Session.Abandon();

None of that seems to be working accurately at the moment. Is there something that I'm missing?

Recent Answers

Brenden Kehren answered on May 5, 2014 23:22

Are you sure you have permissions set properly on the "bar" page?

0 votesVote for this answer Mark as a Correct answer

Beau Cowan answered on May 6, 2014 11:41

Yes, all pages require authentication and requires SSL. This is done at the root level and is inherited to all of the of the child documents.

0 votesVote for this answer Mark as a Correct answer

Beau Cowan answered on May 6, 2014 12:14

After looking at some of the other files, I found a solution in how the CMS logs out users from this file: ~\CMSAdminControls\UI\Header.ascx.cs

Around line 563, there is a string on where you want the user to be redirected to from signout, and the function that does the signout process: CMSPage.SignOut(signOutUrl);

This seems to be working much better than the other solution that I found through the articles.

0 votesVote for this answer Mark as a Correct answer

Richard Sustek answered on May 18, 2014 05:00

Hi,

Thank you for your message.

If you want to see how we are logging out users you can also check the following file:

~CMSWebparts/Membership/Logon/SignOutButton.ascx

There is more to it because you also need to handle logging out FB users and so on.. This page should contain all you need to do in order to successfully logout user in code.

Kind regards,

Richard Sustek

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.