FormsAuthentication Session Cookie

[Julian Welby-Everard]

I am using a custom forms auth, which sets up the session and authcookie, on
session time out the content of the session is being cleared which is what i
expect, im my global.asax on session timeout i call
FormsAuthentication.SignOut() to clear down the authcookie.

but this does not seem to happen as when the user clicks on a link i check
to see if the cookies exiists with

if m_context.Request.Cookies.Item(FormsAuthentication.FormsCookieName) Is
Nothing

if it does i can reload any missing data, if not i will kick user to login.
but this cookies always exists untill i kill the browser.

Is There anyway of killing this cookie?

Thanks

Jules

 

[Guest]

I am using a custom forms auth, which sets up the session and authcookie, on
session time out the content of the session is being cleared which is whati
expect, im my global.asax on session timeout i call
FormsAuthentication.SignOut() to clear down the authcookie.

but this does not seem to happen as when the user clicks on a link i check
to see if the cookies exiists with

if m_context.Request.Cookies.Item(FormsAuthentication.FormsCookieName) Is
Nothing

if it does i can reload any missing data, if not i will kick user to login..
but this cookies always exists untill i kill the browser.

Is There anyway of killing this cookie?

Thanks

Jules

Session_End is fired internally by the server, based on an internal
timer. Thus, I would recommend to use any of 3 following tricks:
http://blogs.msdn.com/nikhiln/archi...-timeout-in-asp-net-2-0-web-applications.aspx