Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...User logout not working (.DOTNETNUKE not removed)User logout not working (.DOTNETNUKE not removed)
Previous
 
Next
New Post
8/15/2011 10:56 AM
 
Patrik Johansson


Joined: 8/5/2004
Posts: 333
We have a problem with the .DOTNETNUKE cookie not being removed as it should when the user logout. We are not running a source installation on this site so we can only debug until the SignOut() is called in Logoff.aspx, but we can see that it is infact called. Because of other reasons, we have had to make a slight change to the web.config, could this be causing the problem:

<authentication mode="Forms">
      <forms name=".DOTNETNUKE" protection="All" timeout="60" cookieless="UseCookies" domain="mydomain.local" />
    </authentication>
     

If so, why isn't it working and what can we do to make it work (assuming this is the root of the fault)? When lookin in the code for SignOut() though, we can find no code for removing the .DOTNETNUKE cookies, only other cookies, where is the .DotNetNuke one removed?

We are using 5.6.3.
 
New Post
8/15/2011 11:17 AM
 
Patrik Johansson


Joined: 8/5/2004
Posts: 333
We tried changing to domain="" but that made no difference, the cookie is still there. Looking at the cookies, it is set to "Expire at the end of the session", so what do we need to do to end the session and shouldn't this be handled by DotNetNuke? Must admitt that it was a LONG time ago since I last read up on cookies, so it could be an easy solution to this.

We've tried to execute:

Session.Clear();
Session.Abandon();

but that does not seem to make any difference.

Any ideas?
 
New Post
8/15/2011 11:48 AM
 
Patrik Johansson


Joined: 8/5/2004
Posts: 333
Upon closer investigation, this could be a problem with latest version of Firefox (and perhaps earlier as well). When using Google Chrome and executing the same code, it handles the cookie correctly (it removes it instantly once expired), Firefox however does not handle it correctly. Infact, the cookie is still there even after Firefox has been restarted altogheter, which is somewhat of a concern.
 
New Post
8/15/2011 11:52 AM
 
Patrik Johansson


Joined: 8/5/2004
Posts: 333
Upon even closer investigation, it seems like it is the "cookie manager" in Firefox that is brooken. It gives you an impression of showing you real time information about state of cookies, but infact, you have to first clear the previos search (even if searching for the same thing again) and then type it in again, then you will see that the cookies has infact been removed in Firefox as well.
 
New Post
8/16/2011 3:46 AM
 
cathal connolly


cathal connolly's Avatar

www.cathal.co.uk
Joined: 4/9/2003
Posts: 9676
firefox has had consistent issues with not quite following the RFC's for security e.g. they ignore one of the cache directives to improve performance but that violates security. I'm not best convinced that it's a primary driver for them i.e. they take so much flak about speed/performance that they've concentrated on that in lieu of following correct security implementations.
Buy the new Professional DNN7: Open Source .NET CMS Platform book Amazon US
 
 Page 1 of 1
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...User logout not working (.DOTNETNUKE not removed)User logout not working (.DOTNETNUKE not removed)


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out