4

I have created Asp.net MVC4 Web application. In which, when a user logs in and do some browsing and then close the application from browser without logging out,then previously logged user is not logged out and When application is restarted then previously logged user is logged.

What i am willing is that if a user is logged in and close the web application,then user should be logged out instantly.

Note -I have not deployed the application on IIS by now. So, as web is stateless.So,will it work correctly incase of real scenario when applicaiton will be deployed.

Currently, i am checking it on my development machine and browser.

I have seen following sample but No one has clear explanation

automatically logging users out of asp.net website on close

how to kill the session when user closed the browser without logout

So, is there any event that i can handle on dispose or some sort of shutdown as what we have in desktop application. Actually, i have not worked web application before.

Community
  • 1
  • 1
Yogesh
  • 3,044
  • 8
  • 33
  • 60
  • 2
    You must prevent your application from making a cookie. Otherwise you need think about why you need them to be automatically logged out, just change the expiration on the cookie stored to have them logged out within 20mins or so. Or write some script that extends the cookie lifetime if the user does something. – Callum Linington Mar 25 '13 at 09:40
  • 1
    Using window.onunload from your second link is the best approximation. http://stackoverflow.com/a/2910512/989451 – Jeroen K Mar 25 '13 at 10:56
  • 1
    Are you having people hot desking while using this site? seems strange that a user would close a browser and then someone else would come along and open it. you can set a short time out on the cookie, say 10 mins, is that acceptable? – Slicksim Apr 05 '13 at 09:08

1 Answers1

2

Try making the attribute - "createPersistentCookie" as false while authenticating

For Ex:

 ' generate non-persistent cookie for the authenticated user
Dim authCookie As HttpCookie = System.Web.Security.FormsAuthentication.GetAuthCookie(_logonModel.UserName, False)
Jyo
  • 167
  • 1
  • 4