4

I have FBA sharepoint site with custom login code (see below). When the user login out side system and I passing Cookie value to FormsAuthentication.RedirectFromLoginPage(userName, false);. It works fine till here.

The issue is, If user goes out side the system and signed out and logged in with different user id and comes to my SharePoint site the login process is skipped and the user is logged in with old id (not with new login id).

Is there any way we can go through login process if user type sharepoint site url and redirected to shareoint site.

Please gurus help me out.

    try
    {
        if (Request.Cookies[authCookie].Value.Length > 0 || Request.Cookies[authCookie].Value != null || Request.Cookies[authCookie].Value != "")
        {
            userName = Request.Cookies[authCookie].Value;
        }
    }
    catch (Exception ex)
    {
        Response.Redirect("https://qa.company.com/appssecured/login/servlet/LoginServlet?TARGET_URL=" + Request.Url);
    }
    if (true)
    {
        userName = Request.Cookies[authCookie].Value;
        FormsAuthentication.RedirectFromLoginPage(userName, false);
    }

Web.Config

<authentication mode="Forms">
  <forms loginUrl="LoginAuth.aspx" timeout="2880" enableCrossAppRedirects="false" />
  <!--      <forms loginUrl="/_layouts/login.aspx" />-->
</authentication>
James123
  • 11,184
  • 66
  • 189
  • 343
  • 2
    Its sounds like you are not clearing the cookies correctly when the session ends. There is an application-level event for Session End. However, you may have to proactively clear the users session if you want a more immediate response, Server-side session state has a lifespan of 20m, but its configurable in the web.config – Glenn Ferrie Mar 06 '12 at 17:51
  • The user needs to log out on the `qa.company.com` site: this could be done with automatically with a link to an "auto logout" page (on the *target* site that then forwards to the final Url). Remember, the cookies (auth/session) are *per-domain* so logging into/out of one domain will not intrinsically affect another. There is federation/Office365 and other magic to enable a wide SSO, but that's another beast. –  Mar 06 '12 at 17:51
  • Why login page is not calling each time when we to site? – James123 Mar 06 '12 at 18:00
  • Do you use the /_layouts/SignOut.aspx? If you are, then it should take care of clearing the cookies for you.. – Rikard Uppström Mar 07 '12 at 16:00

1 Answers1

1

Why not use 

FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();

This should clear the cookie properly and redirect to login page.

Kamil
  • 36
  • 4