RE: Back Button

From: tony (myemail_at_mail.com)
Date: 03/15/04 

Date: Mon, 15 Mar 2004 07:21:07 -0800

Hi Steven,
   Thank you for your reply. I followed the KB article, but didn't do any difference.
   your description about the site structure and flow is eaxclty as you described, and I would like to add some more info:
- I use IE 6
- The web site contains 3 frames, (top, left and right). the top frame has a link to another external site, and when it's
    clicked, it does not load any of its pages in the right frame, it's simply, let the user leave completely my web site to that
    external site, but if the user decide later to go back to my web site, he always got redirected to the login page
   (eventhough he was authenticated while he was browsing my web site, and the cookie is persistent).
(login page is not contained in a frameset)

However, I noticed the following behaviour:
In debug mode:
1- I hit mysite, get authenticated through Login page with persistent cookie set to expire in 20 years, run couple pages,
    then, close IE.
2- Reopen IE, hit my site again, and since I'm already authenticated from the frist time, I don't get directed to the login
    page, instead I got directed directly to the Default page
    The adress bar in IE display "http:mysite\Default.aspx".
    When the external link is cliked, and I leave my site, if I click the little arrow beside the "Back" button, to check the url
    history of IE, all what I can see is one entry and it always defaulted to "login.as" (http:mysite\Login.as), as it's not what
    the adress bar used to display when I was inside my site.
    If I click the Back button, the code does not get executed on the server side, since, I cannot catch it neither
    in "Global.asax" where the authentication procedure, or the login page, so, I'm assuming that the browser display the
    page from his own cache, but why he always go the the login page and how he is getting it, since he's not requesting
    this page from the server.

my Web config:
<authentication mode="Forms"><forms name="xyz" path="/" loginUrl="Login.aspx" protection="All" timeout="60" requireSSL="false"
                                                                                                                                        slidingExpiration="false" ></forms></authentication>

Thank you again for your help