473,385 Members | 2,243 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > logout from windows authentication??

Join Bytes to post your question to a community of 473,385 software developers and data experts.

Logout from windows authentication??

is it possible to for user to click a logout button to logout and when the
user want to get into the system again, the user have to login again?
Kevin
Nov 19 '05 #1
6 7519
Windows Authentication is based on the current windows login, I dont think
you can issue a system logout request from a webpage without using some kind
of ActiveX control.

MattC
"Kevin Yu" <ko**@hotmail.com> wrote in message
news:eL**************@TK2MSFTNGP15.phx.gbl...
is it possible to for user to click a logout button to logout and when the
user want to get into the system again, the user have to login again?
Kevin

Nov 19 '05 #2
" Windows Authentication is based on the current windows login,"

what current windows login? you mean the login to the workstation? no, it's
the crudential that the user enter when prompt by the authentication server,
the user need to be in the AD or in the authenticating server. after the
user it's authenticated, the subsequent communication will contain the
authenticated info in the httpContext. now I am not sure where I can find
more information on how this works, there got to be someway to logout for
the users.

I dont think
you can issue a system logout request from a webpage without using some kind of ActiveX control.

MattC
"Kevin Yu" <ko**@hotmail.com> wrote in message
news:eL**************@TK2MSFTNGP15.phx.gbl...
is it possible to for user to click a logout button to logout and when the user want to get into the system again, the user have to login again?
Kevin


Nov 19 '05 #3
Ack! Sorry I assumed you meant Integrated Windows Authentication. Closing
the window should kill the current authentication process. Have you tried
abandoning the current Session to see if that clears user authentication
details?

MattC
"Kevin Yu" <ko**@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
" Windows Authentication is based on the current windows login,"

what current windows login? you mean the login to the workstation? no,
it's
the crudential that the user enter when prompt by the authentication
server,
the user need to be in the AD or in the authenticating server. after the
user it's authenticated, the subsequent communication will contain the
authenticated info in the httpContext. now I am not sure where I can
find
more information on how this works, there got to be someway to logout for
the users.

I dont think
you can issue a system logout request from a webpage without using some

kind
of ActiveX control.

MattC
"Kevin Yu" <ko**@hotmail.com> wrote in message
news:eL**************@TK2MSFTNGP15.phx.gbl...
> is it possible to for user to click a logout button to logout and when the > user want to get into the system again, the user have to login again?
>
>
> Kevin
>
>



Nov 19 '05 #4
MattC

thank you for your response.

in fact, clearing the session collection won't help, since it does nothing
to the authentication process/authenitcated commnunication
in the httpContext

Kevin


"MattC" <m@m.com> wrote in message
news:%2****************@TK2MSFTNGP15.phx.gbl...
Ack! Sorry I assumed you meant Integrated Windows Authentication. Closing
the window should kill the current authentication process. Have you tried
abandoning the current Session to see if that clears user authentication
details?

MattC
"Kevin Yu" <ko**@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
" Windows Authentication is based on the current windows login,"

what current windows login? you mean the login to the workstation? no,
it's
the crudential that the user enter when prompt by the authentication
server,
the user need to be in the AD or in the authenticating server. after the
user it's authenticated, the subsequent communication will contain the
authenticated info in the httpContext. now I am not sure where I can
find
more information on how this works, there got to be someway to logout for the users.

I dont think
you can issue a system logout request from a webpage without using some

kind
of ActiveX control.

MattC
"Kevin Yu" <ko**@hotmail.com> wrote in message
news:eL**************@TK2MSFTNGP15.phx.gbl...
> is it possible to for user to click a logout button to logout and
when the
> user want to get into the system again, the user have to login again?
>
>
> Kevin
>
>



Nov 19 '05 #5
I came across this in a forum, so I guess it's in the windows authentication
design, not
much can be done.

The user credentials are being cached by the client browser, not by IIS. To
force the client user to enter credentials again, you would need to send an
appropriate 401 status message in response to the next client request.
However, doing this would run counter to very legitimate user expectations
of how Windows authentication is supposed to work, so you may want to
reconsider. When Windows user credentials have already been accepted by a
server (either via a login dialog or automatic submission under IE
configuration for the target site or zone), a 401 is only expected if a
requested resource cannot be accessed under the previously supplied
credentials. When you send a 401 after any credentials have been previously
accepted, the user should expect that they need to use different credentials
from their initial login. If you're expecting the same credentials, then
user confusion should be anticipated.

All in all, if you really want to force a new login, perhaps a different
authentication mode might be more appropriate..


"MattC" <m@m.com> wrote in message
news:%2****************@TK2MSFTNGP15.phx.gbl...
Ack! Sorry I assumed you meant Integrated Windows Authentication. Closing
the window should kill the current authentication process. Have you tried
abandoning the current Session to see if that clears user authentication
details?

MattC
"Kevin Yu" <ko**@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
" Windows Authentication is based on the current windows login,"

what current windows login? you mean the login to the workstation? no,
it's
the crudential that the user enter when prompt by the authentication
server,
the user need to be in the AD or in the authenticating server. after the
user it's authenticated, the subsequent communication will contain the
authenticated info in the httpContext. now I am not sure where I can
find
more information on how this works, there got to be someway to logout for the users.

I dont think
you can issue a system logout request from a webpage without using some

kind
of ActiveX control.

MattC
"Kevin Yu" <ko**@hotmail.com> wrote in message
news:eL**************@TK2MSFTNGP15.phx.gbl...
> is it possible to for user to click a logout button to logout and
when the
> user want to get into the system again, the user have to login again?
>
>
> Kevin
>
>



Nov 19 '05 #6
MattC

there is a workaround. it need to clear the identity token on the client
browser cache, but only IE6 + sp1 support
the javascript function, for the rest of the IE version, an activeX is
needed to clear the cache.

Kevin
"MattC" <m@m.com> wrote in message
news:%2****************@TK2MSFTNGP15.phx.gbl...
Ack! Sorry I assumed you meant Integrated Windows Authentication. Closing
the window should kill the current authentication process. Have you tried
abandoning the current Session to see if that clears user authentication
details?

MattC
"Kevin Yu" <ko**@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
" Windows Authentication is based on the current windows login,"

what current windows login? you mean the login to the workstation? no,
it's
the crudential that the user enter when prompt by the authentication
server,
the user need to be in the AD or in the authenticating server. after the
user it's authenticated, the subsequent communication will contain the
authenticated info in the httpContext. now I am not sure where I can
find
more information on how this works, there got to be someway to logout for the users.

I dont think
you can issue a system logout request from a webpage without using some

kind
of ActiveX control.

MattC
"Kevin Yu" <ko**@hotmail.com> wrote in message
news:eL**************@TK2MSFTNGP15.phx.gbl...
> is it possible to for user to click a logout button to logout and
when the
> user want to get into the system again, the user have to login again?
>
>
> Kevin
>
>



Nov 19 '05 #7
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
implementing login/logout (new to php)
by: konsu | last post by:
hello, i need to implement a secure web site in php and mysql but i have just started looking at php a few days ago, and i would appreciate any advice from the experts. the site, as i said,...
PHP
1
Create Logout page with ASP.NET
by: Tuan | last post by:
Hi, I am writting a small web application and I want to create a logout page for the users like the logout on yahoo. If the users logout they cannot go back by using back button history on the...
ASP.NET
2
Logout Feature in ASP.Net Page
by: Vinod I | last post by:
Hi Team, I would like to know how "Logout" can be handled in asp.net page. Scenario is like this:- I have a "logout" option in my menu. As soon as user clicks this, will show a "Sucessfully...
ASP.NET
2
Forms Login/Logout
by: Brian Henry | last post by:
We have our windows forms login set up and working good, well it works at least, just now we need a logout button, so when you click on it, the user will be logged out of the authentication, how...
ASP.NET
4
Session.Abandon() can't logout
by: ad | last post by:
I use the Login controls of Asp.net 2.0 in my program. I want to logout a user by program, I try Session.Abandon() for this. But I found that the user is the same after I execute Session.Abandon()....
ASP.NET
2
How can I manually logout upon errors with forms authenticatioN?
by: AAOMTim | last post by:
I want to automatically logout if certain conditions occur in my application. Calling Session.Abandon() does not force a logout. What can I do? -- Tim
.NET Framework
1
Windows Authentication Logout
by: Rahul | last post by:
Hello All, I'm sure many people must have encountered this problem, but I want to implement the functionality when a user clicks a button and "logs out" so that the next time he attempts to...
ASP.NET
3
Forced user logout in 2.0
by: kpg* | last post by:
Hi all, I want to perform the same action the the loginstatus control does to logout a user programatically, but I can't seem to find a 'logout' method in any of the membership classes. The...
ASP.NET
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!