Security issue with cookies


indydavid32
Nov 3rd, 2003, 02:35 PM
I have a log off button on my web form which sets the login id, privilege, etc. to nothing, like this:


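' Expires is a DateTime value: calling AddMilliseconds on it only returns a new value
' that is discarded, so assign a date in the past to make the browser drop the cookie.
Response.Cookies("LoginName").Value = Nothing
Response.Cookies("LoginName").Expires = DateTime.Now.AddDays(-1)
Response.Cookies("Priveledge").Value = Nothing
Response.Cookies("Priveledge").Expires = DateTime.Now.AddDays(-1)
Response.Redirect("Login.aspx")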


In my page load event on the form, I have it running this code first.


Dim strPriveledge As String

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load

    If (Request.Cookies("Priveledge") Is Nothing) Then
        Response.Redirect("Login.aspx")
    Else
        strPriveledge = Request.Cookies("Priveledge").Value
    End If
    If strPriveledge = "" Or strPriveledge = Nothing Then
        Response.Redirect("Login.aspx")
    Else
        strPriveledge = Request.Cookies("Priveledge").Value
    End If

End Sub


If the user has no valid cookies, I do not want this page to load; I want them to be redirected to the Login screen.

All this works great in the debug stage. The problem is after I publish it and I use it from somewhere else.

After I log off and then click the favorite button, the page actually displays the page with the data in it although I have destroyed the cookies.

Anyone have any ideas on what could be causing this?

I have even verified that the cookie is wiped out.

Thanks

hellswraith
Nov 3rd, 2003, 03:39 PM
Look at this link:
http://www.vbforums.com/showthread.php?s=&threadid=245643

This shows authentication in asp.net apps and how to incorporate it.

indydavid32
Nov 4th, 2003, 07:16 AM
Now that I've done some more testing, I think my web app is loading the latest web page that the user loaded.

When the user hits the logout button, could I remove the temporary file that is saved to its hard drive if there are any there for this particular page?

If so, how?

Thanks
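
Added example, not part of the original thread or any poster's code: one way to keep a protected page from being redisplayed from the browser's cache after log off is to mark every response as non-cacheable and to decide access on the server. The class name `ProtectedPage` and the helper names are hypothetical, and the sketch assumes ASP.NET forms authentication is configured in web.config; the cookie names and `Login.aspx` are the ones used in the thread.

```vbnet
Imports System
Imports System.Web
Imports System.Web.Security
Imports System.Web.UI

' Hypothetical base class: pages that show private data inherit from it.
Public Class ProtectedPage
    Inherits Page

    Protected Overrides Sub OnInit(ByVal e As EventArgs)
        MyBase.OnInit(e)

        ' Tell the browser and any proxy not to keep a copy of this response,
        ' so a bookmark or the Back button has nothing local to redisplay.
        Response.Cache.SetCacheability(HttpCacheability.NoCache)
        Response.Cache.SetNoStore()
        Response.Cache.SetExpires(DateTime.UtcNow.AddDays(-1))

        ' Decide access from the server-validated forms-authentication ticket,
        ' not from a plain cookie value that the client is able to edit.
        If Not Request.IsAuthenticated Then
            Response.Redirect("Login.aspx")
        End If
    End Sub

    ' Call this from the log off button's Click handler.
    Protected Sub LogOff()
        ' Removes the forms-authentication ticket cookie.
        FormsAuthentication.SignOut()

        ' Also expire the application's own cookies named in the thread.
        ExpireCookie("LoginName")
        ExpireCookie("Priveledge")
        Response.Redirect("Login.aspx")
    End Sub

    Private Sub ExpireCookie(ByVal name As String)
        ' An empty value plus an expiry date in the past makes the browser
        ' delete its stored copy of the cookie.
        Dim c As New HttpCookie(name, "")
        c.Expires = DateTime.Now.AddDays(-1)
        Response.Cookies.Add(c)
    End Sub
End Class
```

The server cannot delete files from the visitor's temporary internet files folder; the cache headers only take effect for responses sent after they are in place, so copies cached earlier remain until the browser discards them.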