When logging out the user, we need to abandon the session on the server side and remove the session id from the client side. For example, in the Page_Load() method:
if (!IsPostBack) {
// Invalidate the old session. A new session will be started.
Session.Abandon();
// Clear the session ID from the client side.
// Otherwise, the old session ID will be recycled by default.
Response.Cookies["ASP.NET_SessionId"].Value = "";
}
Tuesday, April 23, 2019
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment