StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POCan I Create an HttpHandler that never participates in Forms Authentication?
text
Body
copied!<p>I've created a logout handler that is registered to Logout.aspx in my web.config. I want this to be able to be run from any path. It works great. My master page registers a client script function that automatically logs people out 1 minute before their ticket or session is going to expire (they get a countdown warning starting at 2 minutes to go). However, even if I redirect them to Logout.aspx 1 minute prior to their ticket supposedly expiring, sometimes Logout.aspx doesn't see them as authenticated and they are then redirected to the login page. Of course, they login and then are immediately redirected to the logout page and logged out.</p> <p>Is there a way to register a handler so it doesn't participate in FormsAuthentication. I'm guessing this is easy maybe using IIS settings? We use IIS7. Any suggestions?</p> <p>My web.config:</p> <pre><code><handlers> <add name="Logout" verb="*" path="Logout.aspx" type="MyNamespace.HttpHandlers.LogoutHandler"/> </handlers> </code></pre> <p>My code:</p> <pre><code>namespace MyNamespace.HttpHandlers { public class LogoutHandler : IHttpHandler, IRequiresSessionState { public bool IsReusable { get { return false; } } public void ProcessRequest(HttpContext context) { string[] myCookies = context.Request.Cookies.AllKeys; foreach (string cookie in myCookies) context.Response.Cookies[cookie].Expires = DateTime.Now.AddDays(-1); FormsAuthentication.SignOut(); context.Session.Abandon(); context.Response.Redirect(Settings.Default.MyRootURL); } } } </code></pre>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload