Prev   Next

Back to the top of the FAQ

Q. Logout a user, tips and traps.


Yes, with cookie-based login, it is possible to have a user logout. There are samples in the installation directory for all the types of cookie-login.

If you need the logout capability, we recommend turning off keep-alives on the server, because requests will continue to be served even after the user has logged out. Credentials are only requested at the start of each stream, which can last over several requests with keep-alive on.

If instead you need to use keep-alives then we need to tell the server to terminate the keep-alive from the logout.asp page. Add the following 2 lines to the end of the logout.asp:

response.buffer = true
This will tell the server to terminate the connection, and fresh credentials will be required from now on.

Also remember that cachable pages will remain in the browsers cache, until it is emptied.

If you experience problems, try this script

In the logout.asp file, after the section of code:

' whichType: 1 for per-directory, 2 for sitewide
ccresult = auth.ClearConcurrencyToken(2, protectedAbsPath, Request.Cookies(cookieName)) ' only useful with WebQuota CMCL Edition, no-op otherwise
if 0 = ccresult Then
' all well and good
response.Write("ClearConcurrencyToken failed with error code: " & ccresult & ", check the event log")
End if

Add the following:

currentUserText = Request.Cookies("AXCOOKIELOGIN")
if ("" <> currentUserText) Then
currentUser = Right(currentUserText, Len(currentUserText) -1)
currentUser = Left(currentUser, Instr(currentUser, ">") - 1)
End if

' MAKE SURE protectedAbsPath is all LOWER CASE!
' and IIS Application is Low (IIS Process) for this directory.
unLockResult = auth.UserUnlock(protectedAbsPath, currentUser)
if (0 <> unLockResult) Then
'response.Write("UserUnlock returns: " + CStr(unLockResult))
'response.Write("UserUnlock returns: " + CStr(unLockResult))
end if

Back to the top of the FAQ

Prev   Next