Forums
This topic is locked
User Authentication and Logging OUT - Does it work
Posted 13 Dec 2001 21:02:46
1
has voted
13 Dec 2001 21:02:46 Terry Bettendorf posted:
I have a page protected by the Login User behavior, and that all works fine. Once a user is logged in however, I want the session variable to be destroyed or deleted. I tried to create a Logout User Behavior and tried both through a page load and a link, and neither worked. I could still go directly to my protected page by typing in the URL. I am just trying to do a simple LOGOUT text link. Gives me an error. For the LOGOUT text i have <%=MM_Logout%> as the value for A.HREF. Thats it. Is that something wrong??
If I open up the server behavior i have it Logged out When: Link Clicked - and it has "LOGOUT" in the box. I have an *.htm file as my page to go to when clicked.
Whats UP???
Replies
Replied 14 Dec 2001 00:11:44
14 Dec 2001 00:11:44 Joel Martinez replied:
well, I'm not too sure what server behavior you are trying to use, but if you want to log out the user... do two things.
<ul><li> 1. set session("mm_username" = "" (this assumes that the session variable created by the login behavior is called "mm_username", I don't remember exactly if thats it, but you can just check in the login code. </li><li> session.abandon
This should work by itself, but I always set the username session to "" just in case </li></ul>By doing that, you should erase any evidence your scripts have of know if they where there already.
If you pages have been secured correctly, you should not be able to navigate to them without loggin in first
Joel Martinez [ ]
----------
E-Commerce Concepts with Ultradev...pre-order yours at
www.basic-ultradev.com/ecomm_concepts/
<ul><li> 1. set session("mm_username" = "" (this assumes that the session variable created by the login behavior is called "mm_username", I don't remember exactly if thats it, but you can just check in the login code. </li><li> session.abandon
This should work by itself, but I always set the username session to "" just in case </li></ul>By doing that, you should erase any evidence your scripts have of know if they where there already.
If you pages have been secured correctly, you should not be able to navigate to them without loggin in first
Joel Martinez [ ]
----------
E-Commerce Concepts with Ultradev...pre-order yours at
www.basic-ultradev.com/ecomm_concepts/