For Proper Log out in ASP web application.

5 pts.
Tags:
ASP
ASP.NET
Web application security
Web development
Hopefully there are some ASP/VB experts out there who can help me. My problem is to have proper log out in an ASP web application. Specifically, the problem is that I have a web application which is built in ASP, now when the user clicks on the log out link, then user is redirected to the login page, and I am doing Session.Abondon when the log out link is clicked. But the problem is when the user hits the BACK button of the browser the user can still go back to the application, because that page is retreived from the browser cache, not from the server. I cannot diable caching of the page, since it is the requirement of the application. Therefore, my question is how can I do a proper log out in this scenario, so that even if the back button is clicked, the user should not get back to the application pages, and this has to be done, by not disabling caching of pages.

Answer Wiki

Thanks. We'll let you know when a new response is added.

When you click logout there will need to be an “extra page” so the sequence would be something like this.

Logged in page click logout (submit to intermediate page)
Intermediate page do your session.abandon set expires & cache to -1 & put in JS
<script language=”javascript”>
window.location=”finalpage.asp”
window.history.forward(20);
</script>
response.redirect finalpage.asp

final page finalpage.asp (landing page for logged out users)

Earl

http://www.duckin4printing.com/

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following