Easy Extranet with WFFM & EXM – Part 4: Logout Page


I like to build logout functionality before I build the login functionality. It makes testing the login functionality easier when you can quickly logout. Also, when users register, they are immediately logged in, so unless you have let your session expire, you should still have a user logged in.

Web Forms for Marketers has a Logout action, but rather than create a whole form, we’re going to create a logout page using standard page events. In Content Editor, navigate to /sitecore/system/Settings/Rules/Definitions/Elements/Script/Clear Rules Cache. Duplicate this item and name the new item “Logout”. Change the Code field to read

<% Sitecore.Security.Authentication.AuthenticationManager.Logout(); %>

Save the item.

Logout script action

Navigate to /sitecore/system/Settings/Rules/Page Events/Tags/Default.  In the Tags field, make sure Script is in the selected list on the right.

Select script tag

Navigate to /sitecore/system/Marketing Control Panel/Goals and insert a new goal item named “Logout”.  Click the Edit Rule button on the Rule field.  In the Rule Set Editor dialog, select “where true (actions always execute) from the System group of the conditions list on the left.  Select “run specific script” from the actions list on the right.  Click the ‘specific’ link and select the Logout script you just created.  Click OK twice and save the goal item.  In the Workflow chunk of the Review strip tab, click the Deploy button.

Add rule for logout goal

Under your Home item, insert a new page named “Logout”.  Enter some content and save the item.  On the Analyze strip of the toolbar ribbon, click the Goals button in the Attributes chunk.  In the Goals dialog, check the Logout goal and click OK.

Select logout goal

Push the page through workflow and do an incremental site publish.  Optionally, go back to the restricted page and add a link to the logout page.  Test the logout page by first visiting the restricted page to ensure you are logged in.  If you are not logged in register a new user on the register page.  Then, go to the logout page.  If you visit the restricted page after visiting the logout page, you should get the access denied message.