is it possible to for user to click a logout button to logout and when the
user want to get into the system again, the user have to login again?
Kevin
6  7549 
Windows Authentication is based on the current windows login, I dont think
you can issue a system logout request from a webpage without using some kind
of ActiveX control.
MattC
"Kevin Yu" <ko**@hotmail.c om> wrote in message
news:eL******** ******@TK2MSFTN GP15.phx.gbl... is it possible to for user to click a logout button to logout and when the
user want to get into the system again, the user have to login again?
Kevin
" Windows Authentication is based on the current windows login,"
what current windows login? you mean the login to the workstation? no, it's
the crudential that the user enter when prompt by the authentication server,
the user need to be in the AD or in the authenticating server. after the
user it's authenticated, the subsequent communication will contain the
authenticated info in the httpContext. now I am not sure where I can find
more information on how this works, there got to be someway to logout for
the users.
I dont think you can issue a system logout request from a webpage without using some
kind of ActiveX control.
MattC
"Kevin Yu" <ko**@hotmail.c om> wrote in message
news:eL******** ******@TK2MSFTN GP15.phx.gbl... is it possible to for user to click a logout button to logout and when
the user want to get into the system again, the user have to login again?
Kevin
Ack! Sorry I assumed you meant Integrated Windows Authentication. Closing
the window should kill the current authentication process. Have you tried
abandoning the current Session to see if that clears user authentication
details?
MattC
"Kevin Yu" <ko**@hotmail.c om> wrote in message
news:%2******** ********@TK2MSF TNGP10.phx.gbl. .. " Windows Authentication is based on the current windows login,"
what current windows login? you mean the login to the workstation? no,
it's
the crudential that the user enter when prompt by the authentication
server,
the user need to be in the AD or in the authenticating server. after the
user it's authenticated, the subsequent communication will contain the
authenticated info in the httpContext. now I am not sure where I can
find
more information on how this works, there got to be someway to logout for
the users.
I dont think you can issue a system logout request from a webpage without using some
kind of ActiveX control.
MattC
"Kevin Yu" <ko**@hotmail.c om> wrote in message
news:eL******** ******@TK2MSFTN GP15.phx.gbl... > is it possible to for user to click a logout button to logout and when the > user want to get into the system again, the user have to login again?
>
>
> Kevin
>
>
MattC
thank you for your response.
in fact, clearing the session collection won't help, since it does nothing
to the authentication process/authenitcated commnunication
in the httpContext
Kevin
"MattC" <m@m.com> wrote in message
news:%2******** ********@TK2MSF TNGP15.phx.gbl. .. Ack! Sorry I assumed you meant Integrated Windows Authentication. Closing
the window should kill the current authentication process. Have you tried
abandoning the current Session to see if that clears user authentication
details?
MattC
"Kevin Yu" <ko**@hotmail.c om> wrote in message
news:%2******** ********@TK2MSF TNGP10.phx.gbl. .." Windows Authentication is based on the current windows login,"
what current windows login? you mean the login to the workstation? no,
it's
the crudential that the user enter when prompt by the authentication
server,
the user need to be in the AD or in the authenticating server. after the
user it's authenticated, the subsequent communication will contain the
authenticated info in the httpContext. now I am not sure where I can
find
more information on how this works, there got to be someway to logout
for the users.
I dont think you can issue a system logout request from a webpage without using some
kind of ActiveX control.
MattC
"Kevin Yu" <ko**@hotmail.c om> wrote in message
news:eL******** ******@TK2MSFTN GP15.phx.gbl...
> is it possible to for user to click a logout button to logout and
when the > user want to get into the system again, the user have to login again?
>
>
> Kevin
>
>
I came across this in a forum, so I guess it's in the windows authentication
design, not
much can be done.
The user credentials are being cached by the client browser, not by IIS. To
force the client user to enter credentials again, you would need to send an
appropriate 401 status message in response to the next client request.
However, doing this would run counter to very legitimate user expectations
of how Windows authentication is supposed to work, so you may want to
reconsider. When Windows user credentials have already been accepted by a
server (either via a login dialog or automatic submission under IE
configuration for the target site or zone), a 401 is only expected if a
requested resource cannot be accessed under the previously supplied
credentials. When you send a 401 after any credentials have been previously
accepted, the user should expect that they need to use different credentials
from their initial login. If you're expecting the same credentials, then
user confusion should be anticipated.
All in all, if you really want to force a new login, perhaps a different
authentication mode might be more appropriate..
"MattC" <m@m.com> wrote in message
news:%2******** ********@TK2MSF TNGP15.phx.gbl. .. Ack! Sorry I assumed you meant Integrated Windows Authentication. Closing
the window should kill the current authentication process. Have you tried
abandoning the current Session to see if that clears user authentication
details?
MattC
"Kevin Yu" <ko**@hotmail.c om> wrote in message
news:%2******** ********@TK2MSF TNGP10.phx.gbl. .." Windows Authentication is based on the current windows login,"
what current windows login? you mean the login to the workstation? no,
it's
the crudential that the user enter when prompt by the authentication
server,
the user need to be in the AD or in the authenticating server. after the
user it's authenticated, the subsequent communication will contain the
authenticated info in the httpContext. now I am not sure where I can
find
more information on how this works, there got to be someway to logout
for the users.
I dont think you can issue a system logout request from a webpage without using some
kind of ActiveX control.
MattC
"Kevin Yu" <ko**@hotmail.c om> wrote in message
news:eL******** ******@TK2MSFTN GP15.phx.gbl...
> is it possible to for user to click a logout button to logout and
when the > user want to get into the system again, the user have to login again?
>
>
> Kevin
>
>
MattC
there is a workaround. it need to clear the identity token on the client
browser cache, but only IE6 + sp1 support
the javascript function, for the rest of the IE version, an activeX is
needed to clear the cache.
Kevin
"MattC" <m@m.com> wrote in message
news:%2******** ********@TK2MSF TNGP15.phx.gbl. .. Ack! Sorry I assumed you meant Integrated Windows Authentication. Closing
the window should kill the current authentication process. Have you tried
abandoning the current Session to see if that clears user authentication
details?
MattC
"Kevin Yu" <ko**@hotmail.c om> wrote in message
news:%2******** ********@TK2MSF TNGP10.phx.gbl. .." Windows Authentication is based on the current windows login,"
what current windows login? you mean the login to the workstation? no,
it's
the crudential that the user enter when prompt by the authentication
server,
the user need to be in the AD or in the authenticating server. after the
user it's authenticated, the subsequent communication will contain the
authenticated info in the httpContext. now I am not sure where I can
find
more information on how this works, there got to be someway to logout
for the users.
I dont think you can issue a system logout request from a webpage without using some
kind of ActiveX control.
MattC
"Kevin Yu" <ko**@hotmail.c om> wrote in message
news:eL******** ******@TK2MSFTN GP15.phx.gbl...
> is it possible to for user to click a logout button to logout and
when the > user want to get into the system again, the user have to login again?
>
>
> Kevin
>
>
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: konsu |
last post by:
hello,
i need to implement a secure web site in php and mysql but i have just
started looking at php a few days ago, and i would appreciate any advice
from the experts.
the site, as i said, will have a login/logout functionality, and no access
will be allowed to any pages (except for the login page) without login.
i have read on various authentication tactics on the web and decided to:
|
by: Tuan |
last post by:
Hi,
I am writting a small web application and I want to
create a logout page for the users like the logout on
yahoo. If the users logout they cannot go back by using
back button history on the browser. Instead, they have to
login again. Does anyone know how to do it? Or give me
some ideas how to do it.
Thanks in advance
Tuan
|
by: Vinod I |
last post by:
Hi Team,
I would like to know how "Logout" can be handled in asp.net page.
Scenario is like this:-
I have a "logout" option in my menu. As soon as user clicks this, will show
a "Sucessfully Loged out" screen. Now the problem is, if the usr clicks on
"back" button of windows menu bar, control goes back to previous page.
I tryed with "Session" checking in page_load event of previous screen. but
|
by: Brian Henry |
last post by:
We have our windows forms login set up and working good, well it works at
least, just now we need a logout button, so when you click on it, the user
will be logged out of the authentication, how would we do this? this is how
we are doing the login form
=======
<authentication mode="Forms">
<forms loginUrl="/WebClient/SecurePages/logon.aspx" name="RSMNEmail"
timeout="20" path="/"></forms>
|
by: ad |
last post by:
I use the Login controls of Asp.net 2.0 in my program.
I want to logout a user by program, I try Session.Abandon() for this.
But I found that the user is the same after I execute Session.Abandon().
I thought that Session.Abandon() can break the connection of current user,
but I fail
How can I logout a user by program?
| | |
by: AAOMTim |
last post by:
I want to automatically logout if certain conditions occur in my application.
Calling Session.Abandon() does not force a logout. What can I do?
--
Tim
|
by: Rahul |
last post by:
Hello All,
I'm sure many people must have encountered this problem, but I want to
implement the functionality when a user clicks a button and "logs out"
so that the next time he attempts to access website, he will be
greeted with the authentication dialog box.
Is there any way to fulfill my wish? (Sharepoint seems to be popping
such screens whenever it wants).
|
by: kpg* |
last post by:
Hi all,
I want to perform the same action the the loginstatus control
does to logout a user programatically, but I can't seem to find
a 'logout' method in any of the membership classes.
The user gets authenticated using the login control and the build-in
database, but there are times when I want to logout the user and
send them back to the login page. At this point the "isAuthenticated"
method should return false.
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
| | |
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
