By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,984 Members | 1,421 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,984 IT Pros & Developers. It's quick & easy.

Windows Authentication Logout

P: n/a
Hello All:

I am using Windows Authentication in my VB/ASP.NET Intranet Web Application.

How do I create a method that will release the authentication Token, so the
user will no longer have access to any of the resources on the site?

Thanks

Stuart


Nov 18 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
I don't think you can disable the "Token" on the fly. To dynamically
control access, store those who are allowed in a table and those who are not
allowed in another table - or separate views of the same table - or an
array or arraylist and use something like this:
foreach(string user in BannedUsers)
{
if (user == User.Identity.Name)
{
throw new Exception ("You are not authorized");
}
}

You could do a PrincipalPermission.Demand() on the user against a list of
users, but I don't think it buys you much in this case. The concept there
is you create a PermissionPrincipal:

bool allowed = false;
foreach(string user in AllowedUsers)
{
try
{
PrincipalPermission pp = new PrincipalPermission(null, user);
pp.Demand();
allowed = true;
}
catch(Exception ex)
{
}
}

if (!allowed)
throw new Exception ("You're not allowed here!");

Hope this helps

Dale

If the

"Stuart Shay" <ss***@j51.com> wrote in message
news:#J*************@TK2MSFTNGP10.phx.gbl...
Hello All:

I am using Windows Authentication in my VB/ASP.NET Intranet Web Application.
How do I create a method that will release the authentication Token, so the user will no longer have access to any of the resources on the site?

Thanks

Stuart


Nov 18 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.