Sure, I am using the same master page as the personal website. I use a base page class and session state to store some application settings. When I click Logout, the Logout button is still there and so are all the links to the admin pages which I can still access. Here is what I last tried in web.config <authentication mode="Forms"> <forms name=".netsolut" loginUrl="Logon.aspx" protection="Validation" timeout="480" slidingExpiration="true" /> Post Edited (jfs1967) : 6/8/2006 11:16:17 PM GMT
One thing I noticed about your code is the slidingExpiration. It is supposed to be a boolean, indicating whether to slide the expiration or not. I doubt this is causing your problem. If you are using a login status control, make sure the LogoutAction is set to RedirectToLoginPage.
What does the code for the logout button look like? Joel Thoms DiscountASP.NET http://www.DiscountASP.NET
There is some code for logging out ensure the default site theme is restored Protected Sub LoggingOut(ByVal sender As Object, ByVal e As LoginCancelEventArgs) Session.Remove("CurrentTheme") End Sub And here is the page code <asp:LoginStatus ID="LoginStatus1" Runat="server" OnLoggingOut="LoggingOut" /> It occurred to me that I might try to logout from a machine that is not my developement machine, too.
Add something like this to your logout event... Session.Clear() Session.Abandon() FormsAuthentication.SignOut() Response.Redirect("~/login.aspx") Joel Thoms DiscountASP.NET http://www.DiscountASP.NET
It is working now It seems that changing protection="All" To protection="Validation" did the trick. Thank you.