I m using MasterPage in my application. I put LogOff button in masterpage so that it become visible on all pages inherited from master page. The problem is that when I click on LogOff button it moves to login page but on clicking Back button of IE last page come again from chache. Code against logoff is as

{
   Session.Abondend();
   Response.Redirect("login.aspx");
}

 Also each paeg contains following code in Page_Load

{
  if(Session["id"].Equal(""))
  {
  -------
  }
  else
  {
    Response.Redirect("login.aspx");
  }

}
Please tell me how to solve this problem. Also tell me is there any way to clear chache??

__________________
Regards,
Ali Irfan

Hi,
   I don't think clearing the cache is what you want. What I think you want is for certain pages to be served only if you have the appropriate cookie.
You can easily do this by placing the pages you want protected under a directory, and then specify that directory to have an authorisation scheme that only allows authenticated users to log in (you would do this in web.config) this would definately not allow you to view a page even if you hit the "back" button once you signed out.

    To destroy the auth cookie I use FormsAuthentication.SignOut()

the code you have put in page_load is unnecessary. Try to use FormsAuthentication.SetAuthCookie method. This way your app will use web.config to determine whether the page should be served to the user, not your code in page_load.

I recommend you read about forms authentication in .NET cause your doing it the classic ASP way. here's a good read: http://www.15seconds.com/issue/020220.htm

In order to clear the page from the cache, put this line of code in the Page_Load event
Something like that, i wrote this without checking...

e-ducan Global Store
Programmer/Application developer
http://www.e-ducan.com
Belgrade, Serbia