Forcing to authentificate every tiome

[Jonas S.]

Hi all,
I've a page with requirement to authentificate access every time when user
loads it. I put it into separate directory and I could set BASIC
authentification and it works fine except one thing - an authentification is
asked only first time a page is accessed.
All next requests don't require to authentificate (til you close your
browser).
Is any solution in this situation?

Tnx in advance,
Jonas

 

[Ray at]

This is the behavior of Internet Explorer, which you cannot change. Here is
one "extreme" solution, which ~may~ be suitable for your environment.

http://support.microsoft.com/?kbid=195192

Ray at home

 

[Jonas S.]

Thanks Ray,
it seems to be a brutal method but if no any more - so it's worth to
try...

I think about two another ideas too:
1) HTTP command DISCONNECT: Closes the server connection. Can be used to
stop keep-alive behavior and to force reauthentication.
2) Is possible to do something on server side? Some specific filter, etc?

------------------

 

[Aaron Bertrand [MVP]]

1) HTTP command DISCONNECT: Closes the server connection. Can be used to

stop keep-alive behavior and to force reauthentication.

This might be a silly question, but have you tried unchecking "HTTP
Keep-Alives" in IIS? It is a trivial enable/disable option (make sure you
restart IIS after changing it, however).

2) Is possible to do something on server side? Some specific filter, etc?

No, filters (e.g. ISAPI) sit "between" IIS and the ASP code. They can't
change the fundamental behavior of IIS, as far as I know.