Programmatic logout - General Discussions - General Discussions - Progress Community
 General Discussions

Programmatic logout

  • Programmatic logout
  • On my custom login form, how do I programmatically execute the same behavior that the built-in login form performs with the button "Log the other user off and enter"?

    Thanks,
    Matt
  • Hi Matt,

    This is how you logout the currently logged user. The user login information is kept in cookie and when deleted the current user is anonymous.
    SecurityManager.Logout();
                 SecurityManager.DeleteAuthCookies();


    Greetings,
    Stanislav Velikov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  • I'm trying to log the user out of another machine.  I'm looking at the login form trying to login, so there is no current user session or cookies yet.  I do have the credentials, however, because I just tried to login.  This method partially works:

    SecurityManager.Logout(credentials);

    The user's session ends on the other machine, but the current machine still tells me the user is logged in elsewhere.  The database reflects the user being logged out, so I'm thinking it's an issue with some cached data not being flushed.  As soon as I restart the web app, it will let me log in.

    Can you tell me exactly what code is used on the sitefinity login form when you click "Log the other user off and enter"?

    Interestingly, I just noticed after I call the Logout method above, the Sitefinity login form let's me in without warning... so I know it's working, but why does this still not let me programmatically login?  Maybe my logout is fine, but logging in with AuthenticateUser is not doing the same thing as the Sitefinity login form.

    UserLoggingReason reason = SecurityManager.AuthenticateUser("Default", username, password, false);

    Can you also tell me the exact code that Sitefinity uses to login a user?  I know I've seen different answers to this over time, so maybe my approach is out of date.

    Thanks,
    Matt
  • Hi Matt,

    The exact code is:
    SecurityManager.BuildLogoutCookie(UserLoggingReason.UserLoggedOff, SystemManager.CurrentHttpContext);
                            SecurityManager.Logout();
    Sitefinity uses cookie to maintain users login. There is caching for the name of the users if they are indeed logged out so it is reccomented to disable caching on the page with login control or call.
    SecurityManager.Logout();
                 SecurityManager.DeleteAuthCookies();

    Regards,
    Stanislav Velikov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  • For Sitefinity 10 and up, all this doesn't seem to be relevant anymore. 

    Please see this KB article (posted 19-4-2017) 
    knowledgebase.progress.com/.../cannot-log-out-using-the-api-after-upgrade-to-sitefinity-10