You are both right.... here's what I did
Thanks guys, you both helped out. Here's what I did:
I kept an aspx:button for my Sign Out and left it in the navbar. This allows
me to capture the click event and use the FormsAuthentication.SignOut() method
to kill the ticket. Then in that same event handler I call Response.Redirect("login.aspx")
to go to my login page, which incidentally IS a dedicated standalone aspx
page. In the <authentication> part of web.config I use "loginUrl="login.aspx"
so that any unauthenticated user gets sent their right away.
When the user clicks the Sign Out button, it kills the ticket and calls the
login.aspx redirect. Previously, this would have loaded it only in the navbar
frame. But now in the login.aspx HTML code I have added this code: <body
function as shown here:
if (window.top != window.self)
Essentially, what this does is it says "okay, if the current frame is not
the entire browser, then load the login page into the complete browser.
By doing the If window.top != window.self, I avoid the recursive loop of
always reloading itself each time it starts to load.
Excellent, thanks for the input! Hope this helps others out too.
-- Android Development Center
-- Cloud Development Project Center
-- HTML5 Development Center
-- Windows Mobile Development Center