stackoom
  简体   繁体   中英

Asp.Net 2 integrated sites How to Logout second site programatically

 原文  2010-04-23 07:53:52       c#/ .net/ asp.net

Question

I am working with an asp.net 2.0 site (call it site 1) which has an iframe in it which loads up another site (site2) which is also an asp.net site which is developed by our team. When you log onto site 1 then behind the scenes site 2 is also logged in so that when you click the iframe tab then this displays site 2 with the user logged in (to prevent the user from having to log in twice).

The problem i have is that when a user logs out of site 1 then we call some cleanup methods to perform FormsAuthentication.SignOut and clean session variables etc but at the moment no cleanup is called when the user on site 2. So the issue is that if the user opens up Site 2 from within a browser then website 2 opens with the user still logged in which is undesired. Can anyone give me some guidance as to the best approach for this?? One possible approach i though of was just that on click of logout button i could do a call to a custom page on Site 2 which would do the logout. Code below 

    HttpWebRequest request;
    request = ((HttpWebRequest)(WebRequest.Create("www.mywebsite.com/Site2Logout.aspx")));
    request.Method = "POST";
HttpCookie cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
Cookie authenticationCookie = new Cookie(
FormsAuthentication.FormsCookieName,
                            cookie.Value,
                cookie.Path,
                HttpContext.Current.Request.Url.Authority);
request .CookieContainer = new CookieContainer();
request .CookieContainer.Add(authenticationCookie);
response.GetResponse();

Problem i am having with this code is that when i run it and debug on Site 2 and check to see if the user is Authenticated they are not which i dont understand because if i open browser and browse to Site 2 i am Still authenticated. Any ideas , different direction to take etc ??? Please let me know if you need any more info or if i something i have said dosent make sense.

Thanks

1 answers

solution1
 1 ACCPTED  2010-04-23 15:39:53

What about using the same cookie for both sides? If your sites log into the same membership database the following link provides a simple solution without synchronization code for log in and cleanup.

http://www.codeproject.com/KB/aspnet/SingleSignon.aspx

Just snyc the forms authentication (same domain, same name) and use the same (fixed) machineKey.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to programatically detect if my application is running in IIS 7.0 Integrated mode from within an ASP.NET page How to display another sites RSS feed in my ASP.NET site? C# create site in IIS programatically in asp.net project Logout - How to clear cache , asp.NET How to avoid domain login prompt for an ASP.Net Core 2 WebAPI site - that handles CORS as well as Windows Integrated Security Datasets and ASP.Net sites ASP.NET Automatic logout Integrated authentication in ASP.NET for a BlackBerry client Integrated security with crystal report in ASP.NET How to logout user in OWIN ASP.NET MVC5
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM