Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
In my website, I am storing some user specific setting in session. But other users are able to access the same session after the first user logout. Isn’t session user specific? If yes how come the second user is able to access the session after the first user logs out? In my understanding the second user should not be able to access the first user session even if I don’t call session.abandon().
Thanks, Syd
Session itself and FormsAuthentication are not directly tied together. If you want to make sure your entire session is cleared, you’ll need to call
Session.Abandon()or clear out the individual items when they log out.