Programmatically Logging User Out of Existing Session
Hi,
We made a login box where people enter their username/pwd and then when they click go we log them in programmatically.
Here is the code we use:
SecurityManager.AuthenticateUser(Membership.Provider.Name, username, password, false);
Hello Ben Alexandra,
Can you please try using the Logout() method of SecurityManager without passing any arguments. It should log the current user out. If any problems persist, please let us know.
Greetings,
Boyan Barnev
the Telerik team
I really need an answer to this. It's been almost a week and we are trying to launch this site
Thanks
Ben
I don't know why I am not getting a reply on this. I REALLY need an answer. It's been over a week and we are trying to launch this site
Thanks
Ben
Hi Ben Alexandra,
The Sitefinity security public widgets can be found in the namespace Telerik.Sitefinity.Security.Web.UI, so my registering a tag prefix like:
<%@ Register Namespace="Telerik.Sitefinity.Security.Web.UI" Assembly="Telerik.Sitefinity" TagPrefix="sfSecPublic" %>
<
sfLogout:LoginForm
LayoutTemplatePath
=
"~/MyTemplate.ascx"
runat
=
"server"
ID
=
"Test"
></
sfLogout:LoginForm
>
private
static
void
DoLogout(
string
navigateUrl)
SecurityManager.Logout();
var context = SystemManager.CurrentHttpContext;
if
(String.IsNullOrEmpty(navigateUrl))
navigateUrl = context.Request.Path;
if
(!RouteHelper.IsAbsoluteUrl(navigateUrl))
context.Response.Redirect(navigateUrl,
true
);
Guys, this is not what Ben is asking. Look, he is trying MANUALLY login a user in a code behind. Before, this was easy because Sitefinity played-along nicely with the MS MemerbershipProvider: Membership.AuthenticateUser(username, password). In Sitefinity 4, you must use SecurityManager.AuthenticeUser(provider, username, password, persist). Well, when you call that method sometimes you get back a result of UserLoggingReason.UserAlreadyLoggedIn. When this result is returned, he needs to be able to logout the OTHER USER which is causing this result, and LOG IN the user making the login request. Here is code as an example:
var username = login.UserName;
var password = login.Password;
var result = SecurityManager.AuthenticateUser(Membership.Provider.Name, username, password, false);
if (result != UserLoggingReason.Success)
if (result == UserLoggingReason.UserAlreadyLoggedIn)
====> THE CODE AFTER THIS DOES NOT WORK. WHAT TO DO?
SecurityManager.DeleteAuthCookies();
result = SecurityManager.AuthenticateUser(Membership.Provider.Name, username, password, false);
Here is a simpler way to look at it:
What method do you guys call when the user clicks "Logout the other user and Log Me in" on your Login control? That is precisely what Ben needs.
hi,
same problem for me too.. can you suggest me the carry out for the login page....
Logging out another user requires an authenticated account (SuppressSecurityChecks doesn't do the trick) so I created an admin account that only the system will use, then use it to force log out on the user
UserManager userManager = UserManager.GetManager();
// Log in to the admin user account
SecurityManager.AuthenticateUser(
new
Credentials() UserName =
"adminUserName"
, Password =
"adminPassword"
);
// Log out the specified user
User alreadyLoggedInUser = userManager.GetUser(
"userName"
);
SecurityManager.Logout(
"Default"
, alreadyLoggedInUser.Id);
alreadyLoggedInUser.IsLoggedIn =
false
;
userManager.SaveChanges();
// Log out the admin
SecurityManager.Logout();
This is an old post, but thought it was helpful to save anyone else looking. Sitefinity has added a feature to automatically logout other sessions, which is essentially what's trying to be accomplished.
docs.sitefinity.com/administration-configure-the-self-logout-dialog-recurrence
It would be really nice to be able to do this programmatically per instance, in case you wanted to handle certain situations different. Sitefinity currently does this when logging into the Dashboard (you're always prompted, regardless of that setting). Otherwise, this works like a charm when trying to implement STS.