stackoom
  简体   繁体   中英

IIS 8.0 Website on F5 with SSL - unable to log out of website

 原文  2017-03-03 20:05:04       asp.net/ iis-8/ f5

Question

we have an odd situation where a user logs into the site (Asp.Net), and upon logging out, it only directs us to the main page " https://newsite/default.aspx " however if we replace default with login, we are immediately logged back in. This happens only when we go through the public IP with associated DNS A record located on the F5. If we open the site on the IIS server via IP binding " https://ipaddress/default ", I can login and logout and stay logged out, it works as expected. I have worked with F5 support and have tried multiple different configuration changes, and no dice, same behavior everytime. The newsite is set up identically in F5 to our current production site, and developers say the logout code is identical to current production so we are confused as to why this is happening. Persistence is set on the load balancer as well. Any help in the right direction would awesome.

2 answers

solution1
 0  2017-03-04 13:38:40

A couple things I would suggest checking:

  1. If you monitor the traffic with something like Fiddler and compare the results of login/logout with the F5 and without, do you see any difference? I would look for specific things like cookies being set or removed. I know ASP.NET uses specific cookies for sessions, so I would wonder if that cookie is not getting deleted properly on logout.

  2. Once you log out of the site (when going through the F5), if you refresh the page, do you stay logged in (in this case, I could see where some kind of caching may send back the page even though you're logged out. If this is the case, you could have an F5 admin check to see if there's a Web Acceleration profile on the virtual server and remove it to see if that helps.

solution2
 0  2017-03-07 00:11:05

Looks like specific security cookie code was causing the issue of creating a duplicate cookie within ektron.

Following code was removed, and now log out is working properly via SSL through our F5.

Code removed: Dim lSec As SecurityAPI.Cookie = New SecurityAPI.Cookie(Me, mServerEnvironment, mCOGUser.PeopleID) lSec.SetCookie()

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Unable to disable SSL for website Unable to get legacy XML-RPC website working in IIS 8.0 integrated mode How to copy IIS 7.0 website to local computer running IIS 8.0 How to check website's log under IIS 7 IIS Log files for ASP.NET website Unable to find DLL when website runs in IIS Unable to Add .net 3.5 Website to IIS Express Running VS In IIS Mode and pressing F5 SSL Cert.for IIS Virtual Directory vs Website Will my SSL certificate work for new Wordpress website on IIS?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM