I have a problem with the user Login and Logout in an MVC3 application. Here’s an example of my logout actions in my user controller:

public ActionResult Logout()
{
    FormsService.SignOut();
    Session.Clear();
    return RedirectToAction("index", "home");
}

Once a user clicks Logout this action is called, it clears the session information and then the user is redirected to the index page.

On my index page I call a C# helper to display a message like this:

@section links { @Html.HdrLinks("Home", "", Context.User) }

Here’s part of the code of the helper:

System.Security.Principal.IPrincipal user

if (user.Identity.IsAuthenticated)
{
   return new MvcHtmlString("Welcome " + user.Identity.Name);
}

My problem is that when the index page displays IMMEDIATELY AFTER the logout it still shows the same session information. In other words it still shows a message like “Welcome John”. Only AFTER I refresh the page in the browser does it correctly see that there user name is not set in the session.

Does anyone have any ideas on what I can do to make it so that after a logout and a redirect then the index page does not still think the user is logged in? For example is there some call other than RedirecToAction that I could execute that would help me.

UPDATE:

It would seem that when I change my code to the following then it does what I want and when it gets to display the index page then it does not show me I am still logged in. However I am not sure why this works.

FormsService.SignOut();
Session.Clear();
Session.Abandon();
return new RedirectToRouteResult(new RouteValueDictionary(new { controller = "Home", action = "Index" }));