Home/ Questions/Q 1049051
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-16T16:33:17+00:00

I have some problems with getting my website to log out the authenticated user

  • 0

I have some problems with getting my website to log out the authenticated user automatically when the session ends (the user closes the browser).

This is what I have in my web.config:

<authentication mode="Forms">
    <forms name="AuthCookie" protection="All" loginUrl="~/default.aspx" path="/" cookieless="UseCookies" timeout="2592000"/>
</authentication>

<authorization>
    <allow users="?" />
</authorization>

<membership defaultProvider="ASPPGSqlMembershipProvider" userIsOnlineTimeWindow="20">
    <providers>
        <clear />
        <add name="AspNetSqlMemberShipProvider" applicationName="umbraco4" type="System.Web.Security.SqlMembershipProvider" connectionStringName="UmbracoDb" requiresUniqueEmail="true" enablePasswordReset="true" enablePasswordRetrieval="false"/>
        <add name="UsersMembershipProvider" applicationName="umbraco4" type="umbraco.providers.UsersMembershipProvider" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" />
        <add name="ASPPGSqlMembershipProvider" applicationName="umbraco4"
            passwordStrengthRegularExpression="" minRequiredPasswordLength="4" minRequiredNonalphanumericCharacters="0"
            enablePasswordRetrieval="false"
            enablePasswordReset="true"
            requiresQuestionAndAnswer="false"
            requiresUniqueEmail="true"
            forumUpfileFolderPath="D:\www\files"
            type="ASPPG.MembershipProviders.ASPPGSqlMembershipProvider, ASPPGSiteIntegrationPackage"/>
    </providers>
</membership>

This is how I log in the user:

if (Membership.ValidateUser(txtUserName.Text, txtPasssword.Text)) {
    HttpCookie cookie = FormsAuthentication.GetAuthCookie(txtUserName.Text, false);
    cookie.Expires = DateTime.Now.AddDays(1);
    cookie.Domain = ConfigurationManager.AppSettings["Level2DomainName"];
    HttpContext.Current.Response.Cookies.Add(cookie);
    Response.Redirect(Request.Url.ToString());
}

When I close the browser, the user is still logged in. How do I make the website forget the user through an option, so the user himself can decide if the website should remember or not?

Thanks in advance 🙂

M

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Have you tried NOT setting the cookie.Expires or at least setting it to DateTime.MinValue for user’s that don’t want to be ‘remembered’?

    From MSDN:

    Setting the Expires property to MinValue makes this a session Cookie, which is its default value.

    • 0