开发者

Asp.Net 2 integrated sites How to Logout second site programatically

开发者 https://www.devze.com 2022-12-28 10:05 出处:网络
I am working with an asp.net 2.0 site (call it site 1) which has an iframe in it which loads up another site (site2) which is also an asp.net site which is developed by our team. When you log onto sit

I am working with an asp.net 2.0 site (call it site 1) which has an iframe in it which loads up another site (site2) which is also an asp.net site which is developed by our team. When you log onto site 1 then behind the scenes site 2 is also logged in so that when you click the iframe tab then this displays site 2 with the user logged in (to prevent the user from having to log in twice).

The problem i have is that when a user logs out of site 1 then we call some cleanup methods to perform FormsAuthentication.SignOut and clean session variables etc but at the moment no cleanup is called when the user on site 2. So the issue is that if the user opens up Site 2 from within a browser then website 2 opens with the user still logged in which is undesired. Can anyone give me some guidance as to the be开发者_StackOverflow中文版st approach for this?? One possible approach i though of was just that on click of logout button i could do a call to a custom page on Site 2 which would do the logout. Code below

    HttpWebRequest request;
    request = ((HttpWebRequest)(WebRequest.Create("www.mywebsite.com/Site2Logout.aspx")));
    request.Method = "POST";
HttpCookie cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
Cookie authenticationCookie = new Cookie(
FormsAuthentication.FormsCookieName,
                            cookie.Value,
                cookie.Path,
                HttpContext.Current.Request.Url.Authority);
request .CookieContainer = new CookieContainer();
request .CookieContainer.Add(authenticationCookie);
response.GetResponse();

Problem i am having with this code is that when i run it and debug on Site 2 and check to see if the user is Authenticated they are not which i dont understand because if i open browser and browse to Site 2 i am Still authenticated. Any ideas , different direction to take etc ??? Please let me know if you need any more info or if i something i have said dosent make sense.

Thanks


What about using the same cookie for both sides? If your sites log into the same membership database the following link provides a simple solution without synchronization code for log in and cleanup.

http://www.codeproject.com/KB/aspnet/SingleSignon.aspx

Just snyc the forms authentication (same domain, same name) and use the same (fixed) machineKey.

0

精彩评论

暂无评论...
验证码 换一张
取 消