如何实际从网站注销而不是简单地重定向到登录页面?
[英]How to actually logout from a website rather than simply redirecting to login page?
问题描述
I am using response.redirect facility to send the user back to login page when he clicks the logout image button but that does not actually perform the logout operation and when user clicks the backspace button in keyboard or back button in browser the user screen gets displayed back. 
我正在使用response.redirect工具将用户单击注销图像按钮,但实际上并未执行注销操作,并且当用户单击键盘中的退格按钮或浏览器中的后退按钮时,将用户返回登录页面背部。 How to control this situation in c# asp.net and i have read some posts saying that the session should be cleared before redirecting but i dont know how to apply it in my form. 如何在c#asp.net中控制这种情况,我已经阅读了一些帖子,说应该在重定向之前清除会话,但是我不知道如何在表单中应用它。 I have enclosed the coding below and i request someone to help me out of this situation in a clear manner. 我已在下面附上代码,并要求某人以明确的方式帮助我解决这种情况。
In Loginpage.aspx 在Loginpage.aspx中
protected void btnLogin_Click1(object sender, EventArgs e)
{
var query = (from row in db.Logins where row.Userid == txtUname.Text && row.Password == txtPassword.Text select new { row.Userid, row.Password, row.Admin_Roll, row.Manager_Roll}).Distinct();
if (query.Count() > 0)
{
if (query.Single().Admin_Roll == 1)
{
Response.Redirect("~/HomePage.aspx");
}
else if (query.Single().Manager_Roll == 1)
{
Response.Redirect("~/DetailsPage.aspx");
}
and in Masperpage.master 在Masperpage.master中
protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
{
Response.Redirect("~/LoginPage.aspx");
}
Suggest me some solution. 建议我一些解决方案。
6 个解决方案
解决方案1
2 已采纳 2014-11-15 07:22:38
For the you have to clear all Session and Cookies from you browser using C# Code. 对于您,您必须使用C#代码从浏览器中clear所有会话和Cookie。
- LogoutPage.aspx 注销页面
` `
protected void Page_Load(object sender, EventArgs e)
{
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.UtcNow.AddHours(-1));
Response.Cache.SetNoStore();
Session.Abandon();
Session.Clear();
System.Web.Security.FormsAuthentication.SignOut();
// DO NOT REDIRECT TO LOGIN PAGE FROM HERE
// REDIRECT TO LOGIN PAGE FROM JAVASCRIPT
}
` `
and the same way you also have to clear browser
Historyusing javascript on page loadHistory
` `
<script type="text/javascript">
$(document).ready(function () {
var url = window.location.href;
window.history.go(-window.history.length);
window.location.href = 'Login.aspx'; // REDIRECT TO LOGIN PAGE
});
</script>
` `
Updated Answer: It is better to make a different Page for logout as Logout.aspx and write this code in Page_Load event of Logout.aspx page. 更新的答案:最好将另一个注销页面作为Logout.aspx并在Logout.aspx页面的Page_Load事件中编写此代码。 And write above javascript in <Head> tag in Logout.aspx page. 并在Logout.aspx页面的<Head>标记中编写以上javascript。
解决方案2
1 2014-11-15 07:21:23
You can actively sign the person out when using forms authentication. 使用表单身份验证时,您可以主动注销此人。
protected void Page_Load(object sender, EventArgs e)
{
// The SignOut method invalidates the authentication cookie.
FormsAuthentication.SignOut();
Response.Redirect("Login.aspx");
}
SEE Microsoft reference : http://msdn.microsoft.com/en-us/library/aa288576(v=vs.71).aspx 请参阅Microsoft参考: http : //msdn.microsoft.com/zh-cn/library/aa288576(v=vs.71).aspx
解决方案3
1 2014-11-15 07:22:08
There are several ways 有几种方法
Clear Your Session using Session.Abandon and use Response.Redirect("~/LoginPage.aspx"); 使用Session.Abandon清除Session并使用Response.Redirect("~/LoginPage.aspx");
Then you can use Following Methods to Clear Cache or clear history 然后,您可以使用以下方法清除缓存或清除历史记录
Using Codebehind 使用代码隐藏
// Code disables caching by browser.
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetExpires(DateTime.UtcNow.AddHours(-1));
Response.Cache.SetNoStore();
Using JavaScript 使用JavaScript
<SCRIPT LANGUAGE="javascript">
function ClearHistory()
{
var backlen = history.length;
history.go(-backlen);
window.location.href = loggedOutPageUrl
}
</SCRIPT>
with asp.net 与asp.net
without update panel 没有更新面板
Page.ClientScript.RegisterStartupScript(this.GetType(),
Guid.NewGuid().ToString(),"ClearHistory();",true);
with update panel 带有更新面板
ScriptManager.RegisterStartupScript(this,this.GetType(),
Guid.NewGuid().ToString(),"ClearHistory();",true);
解决方案4
1 2014-11-15 07:22:23
You should implement Forms Authentication . 您应该实现表单身份验证 。
You can then use SignOut Method as below:- 然后,您可以使用SignOut方法,如下所示:
FormsAuthentication.SignOut();
Response.Redirect("~/LoginPage.aspx");
Edit : 编辑 :
Forms authentication is used for internet web applications. 表单身份验证用于Internet Web应用程序。 If you wanna authenticate users who are not just a part of a domain (as in windows authentication) then for web apps you should go with forms authentication. 如果要对不只是域一部分的用户进行身份验证(如Windows身份验证),则对于Web应用程序,应使用表单身份验证。 This can be enabled by adding authentication mode as Forms in web.config file something like this:- 可以通过在Web.config文件中将身份验证模式添加为Forms来启用,例如:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" timeout="50"
defaultUrl="Default.aspx" protection="All">
</forms>
</authentication>
You need to read in detail about this on MSDN . 您需要在MSDN上详细阅读此内容。
解决方案5
1 2014-11-15 07:23:53
I think you had problem with back button,below code wil diable back button when user is logged out. 我认为您在使用后退按钮时遇到了问题,在用户注销后,以下代码会导致后退按钮失效。
private void Page_Load(object sender, EventArgs e)
{
Response.Buffer= true;
Response.ExpiresAbsolute=DateTime.Now.AddDays(-1d);
Response.Expires =-1500;
Response.CacheControl = "no-cache";
if(Session["SessionId"] == null)
{
Response.Redirect ("Loginpage.aspx");
}
}
}
解决方案6
1 2014-11-15 07:25:05
You can also abandon their session, simply add Session.Abandon(), although the forms signout seems a more robust answer. 您也可以放弃他们的会话,只需添加Session.Abandon(),尽管表单签出似乎是一个更可靠的答案。
protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
{
Session.Abandon();
Response.Redirect("~/LoginPage.aspx");
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.