I am trying to implement Logout Functionality in ASP.NET MVC.
I use Forms Authentication for my project.
This is my Logout code:
FormsAuthentication.SignOut();
Response.Cookies.Clear();
FormsAuthenticationTicket ticket =
new FormsAuthenticationTicket(
1,
FormsAuthentication.FormsCookieName,
DateTime.Today.AddYears(-1),
DateTime.Today.AddYears(-2),
true,
string.Empty);
Response.Cookies[FormsAuthentication.FormsCookieName].Value =
FormsAuthentication.Encrypt(ticket);
Response.Cookies[FormsAuthentication.FormsCookieName].Expires =
DateTime.Today.AddYears(-2);
return Redirect("LogOn");
This code redirects the user to the Login Screen. However, if I call an action method by specifying the name in address bar (or select the previous link from address bar dropdown), I am still able to reach the secure pages without logging in.
Could someone help me solve the issue?