views:

86

answers:

1

Hi,

In my website i have implemented custom session values. In which, on log on i set the session value to some object. This object is used to extract user specific data from db.

now the problem is If user logs in with : test1.somesite.com and logs off and again logs in with: test2.somesite.com that user is still receiving the data from object specific to test1.somesite.com.

the point is whichever site user frist logs in with the second time if he logs in with anathor subdomain he is always getting the data from previous sub domain login.

on log out from specific domain i cleared all the sessions(tried everything): by putting HttpContext.session["UserDetail"] = null;, HttpContext.Session.Abandon() and also HttpContext.Session.Clear();

but nothing seems to work

and i also don't have much idea how session variables are treated across subdomains.

I mean if i initialize a session with one value by visiting test1.somesite.com will that value also be visible if on the same computer and on same browser i also open test2.somesite.com.

any help please

A: 

Sounds like a cookie issue. Try clearing out the session cookie. Something along the lines of:

if (!User.Identity.IsAuthenticated)
{
    if (Request.Cookies["ASP.NET_SessionId"] != null)
    {
        Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddDays(-1);
    }
    Session.Abandon();
}
Maxwell Troy Milton King