views:

90

answers:

1

I have this in my LoginControl.ascx code behind:

protected void Logout_Click(object sender, EventArgs e)
{
    FormsAuthentication.SignOut();
    Session.Abandon();
    FormsAuthentication.RedirectToLoginPage();
    Response.End;
    //Response.Redirect("default.aspx");
}

I expected that on logout the user would be redirected to the login page (default.aspx in this case) and there would be NO query string attached. Instead, what I see on the URL is:

http://kab.domain.com/default.aspx?ReturnUrl=%2fAdministration%2fCharacter%2fView.aspx

So now, after logging out, I want to log in as another person (with lesser privileges) and on a successful login it redirects me to a page that this new login does not have permissions to see! <grrr />

I realize that the "normal" user will never run into this issue but the test users do and it is a bug as far as they are concerned.

Even with the Response.Redirect I still get the query string. How do I get rid of the query string at logout???

A: 

Try this:

Response.Redirect(FormsAuthentication.LoginUrl);
Phaedrus
I added a full URL and now it is redirecting without a query string.Response.Redirect(RivWorks.AppSettings.RootUrl + "default.aspx");
Keith Barrows
Looks to be the same when you get down to brass tacks. Thanks!
Keith Barrows