Try our conversational search powered by Generative AI!

AI OnAI Off

Users are not correctly logged out

Shamrez Iqbal
Shamrez Iqbal
Vote:
 
Hello, we are having issues with the login/logout procedures. Given this case: - User logs in - User changes her/his username - The label which displays the username displays the old username (this might be normal i guess?) - User logs out - User can now log in with both new and old username but there is only one row in tblUsers. AND the label showing the currently logged in user is wrong. This is the logout code: UnifiedPrincipal user = UnifiedPrincipal.Current; if (user.Identity.IsAuthenticated) { if (Configuration.Authentication != AuthenticationMode.Forms) return; FormsAuthentication.SignOut(); UnifiedPrincipal.RemoveFromCache( user.Identity ); PageBase.CurrentUser = UnifiedPrincipal.AnonymousUser;
#17644
May 15, 2007 16:07
Vote:
 
You may find these technical notes interesting: http://www.episerver.com/en/EPiServer_Knowledge_Center/Documentation/TechNotes/Configurable-Authentication-Provider-Chain/ and the web.config setting: EPnUserCacheTimeout Timeout limit, in minutes, to keep the user's principal information described in this technical note: http://www.episerver.com/en/EPiServer_Knowledge_Center/Documentation/TechNotes/webconfig-Settings/
#18479
May 15, 2007 16:37
Shamrez Iqbal
Shamrez Iqbal
Vote:
 
Hello, this value, wheter is 0 or 10 doesn't seem to affect the behaviour.
#18480
May 15, 2007 17:11
Vote:
 
Hi Shamrez! Try to drop the UserSid from its cache as well as the UnifiedPrincipal. Extranet accounts are authenticated by (trying) to load the UserSid by name (from database), then create a Principal from it and then lastly validate password and ipaddresses and such. When a Sid once has been loaded, it will be put in the UserSid cache and remain there forever, there simply is no way of specifying a cache timeout for those objects. You can use the function Sid.ClearCache() to remove the sid. Something like this might work: UserSid sid = UserSid.Load( UnifiedPrincipal.CurrentSid ); Sid.ClearCache(sid); Regards, Johan Olofsson EPiServer AB
#18481
May 16, 2007 12:21
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.