ASP Programming
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Dev Shed ForumsProgramming Languages - MoreASP Programming

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
Application developers can seamlessly integrate the Advantage Database install with their application install. Learn the best practices used when setting up silent installs with this seminar.
  #1  
Old February 27th, 2003, 02:24 PM
Freddyfiasko's Avatar
Freddyfiasko Freddyfiasko is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jul 2002
Location: Norway
Posts: 57 Freddyfiasko User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 19 m 33 sec
Reputation Power: 6
Login security problems....

Hi..

I`m building a site that needs login and then check that the user is logged in to visit several pages. The login-stuff is ok and I can do the check on the pages I want, but the problems is that after a user has logged out, he/she can still use the browsers "back-button" and display the contents on the previuos pages, but when reloading the pages my "not logged in" messages appears. Is there anything I can do to prevent the "backbutton" possibility?

My logout-page has only a "session.abandon" function for the logout-procedure.


Freddy....

Reply With Quote
  #2  
Old February 27th, 2003, 07:10 PM
makman111 makman111 is offline
Junior Member
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Feb 2003
Location: Minneapolis, MN
Posts: 11 makman111 User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 0
I include this header file in each "secure" page I use

<%
If Session("LoginID") = "" Then
Response.redirect(Session("MyURL") & "/default.asp")
End If

Response.Expires = -1500
Response.CacheControl = "no-cache"
%>

If you are not logged in you get redirected to a "login" or "not authorized" page. If you use the back button you get a page can not be refreshed error msg.

Does this help?

Reply With Quote
  #3  
Old February 28th, 2003, 01:35 AM
Freddyfiasko's Avatar
Freddyfiasko Freddyfiasko is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jul 2002
Location: Norway
Posts: 57 Freddyfiasko User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 19 m 33 sec
Reputation Power: 6
Thanks a lot.....you are the boss...!!


Freddy....

Reply With Quote
Reply

Viewing: Dev Shed ForumsProgramming Languages - MoreASP Programming > Login security problems....


Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump

 Free IT White Papers!
 
Accelerating Trading Partner Performance
One in five. That's how many partner transactions have at least one error. That is an amazing statistic, particularly given the extraordinary leaps in innovation across the global supply chain during the past two decades. Download this white paper to learn more.

 
Competing on Analytics
This Tech Analysis is designed to help identify characteristics shared by analytics competitors, and includes information about 32 organizations that have made a commitment to quantitative, fact-based analysis.

 
Cost Effective Scaling with Virtualization and Coyote Point Systems
An overview of the industry trend toward virtualization, how server consolidation has increased the importance of application uptime and the steps being taken to integrate load balancing technology with virtualized servers.

 
Five Checkpoints to Implementing IP Telephony
Implementation planning for IP PBX software and IP telephony has become vital as businesses replace discontinued legacy PBX phone systems. This informative whitepaper outlines five "checkpoints" for any implementation plan that will help make IP communications a successful proposition.

 
Hosted Email Security: Staying Ahead of New Threats
In the last two years, email has become a fierce battleground between the nefarious forces of spam and malware, and the heroes of messaging protection. The spam volumes increased alarmingly every month, bringing clever new forms of phishing and virus propagation attacks.

 

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 5 hosted by Hostway