How to Clear the Integrated Windows authentication credential in .

Discussion in 'ASP .Net Security' started by Datagrid left-right scroll problem, Jan 23, 2006.

  1. We have got an application which is using Integrated Windows authentication
    credential method for logging into the site. Our customer now is asking for a
    requirement to provide more security. The requirement is like this..

    "Whenever the session of the application expires(as per time in web.config),
    it should clear the User credentials so that even if the User enters the site
    url in the same browser instance,the Integrated Windows authentication
    credential dialog box should pop up. This will make the user to enter the
    userid and password again to access the application. In other words, even if
    the session expires, only authorized users should be allowed to login".

    Please help us in finding a solution for this. It will be really great if
    some experts can provide us the code snippet for this.

    Kind Regards & Thanks in Advance,

    Gireesh
     
    Datagrid left-right scroll problem, Jan 23, 2006
    #1
    1. Advertising

  2. Hi,

    i think this will not work - several problems

    a) there is no way to clear the credentials from ASP.NET - there is only
    a client IE command that can do that.
    b) there is no reliable way to detect a session end - Session_End only guarantees
    to fire with InProc sessions

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > We have got an application which is using Integrated Windows
    > authentication credential method for logging into the site. Our
    > customer now is asking for a requirement to provide more security. The
    > requirement is like this..
    >
    > "Whenever the session of the application expires(as per time in
    > web.config), it should clear the User credentials so that even if the
    > User enters the site url in the same browser instance,the Integrated
    > Windows authentication credential dialog box should pop up. This will
    > make the user to enter the userid and password again to access the
    > application. In other words, even if the session expires, only
    > authorized users should be allowed to login".
    >
    > Please help us in finding a solution for this. It will be really great
    > if some experts can provide us the code snippet for this.
    >
    > Kind Regards & Thanks in Advance,
    >
    > Gireesh
    >
     
    Dominick Baier [DevelopMentor], Jan 23, 2006
    #2
    1. Advertising

  3. Datagrid left-right scroll problem

    Jim Cheshire Guest

    On Mon, 23 Jan 2006 05:19:02 -0800, "Datagrid left-right scroll
    problem" <>
    wrote:

    >We have got an application which is using Integrated Windows authentication
    >credential method for logging into the site. Our customer now is asking for a
    >requirement to provide more security. The requirement is like this..
    >
    >"Whenever the session of the application expires(as per time in web.config),
    >it should clear the User credentials so that even if the User enters the site
    >url in the same browser instance,the Integrated Windows authentication
    >credential dialog box should pop up. This will make the user to enter the
    >userid and password again to access the application. In other words, even if
    >the session expires, only authorized users should be allowed to login".
    >
    >Please help us in finding a solution for this. It will be really great if
    >some experts can provide us the code snippet for this.
    >



    Gireesh,

    This has to be done on the client via an ActiveX control calling the
    InternetSetOption API. See this:

    195192 How To Clear Logon Credentials to Force Reauthentication
    http://support.microsoft.com/default.aspx?scid=kb;EN-US;195192


    Jim Cheshire
    --
    Blog:
    http://blogs.msdn.com/jamesche
     
    Jim Cheshire, Jan 23, 2006
    #3
  4. Datagrid left-right scroll problem

    Ken Schaefer Guest

    In addition to Dominick's comments, see:
    http://www.adopenstatic.com/cs/blogs/ken/archive/2005/04/12/14.aspx

    Cheers
    Ken


    "Datagrid left-right scroll problem"
    <> wrote in message
    news:...
    : We have got an application which is using Integrated Windows
    authentication
    : credential method for logging into the site. Our customer now is asking
    for a
    : requirement to provide more security. The requirement is like this..
    :
    : "Whenever the session of the application expires(as per time in
    web.config),
    : it should clear the User credentials so that even if the User enters the
    site
    : url in the same browser instance,the Integrated Windows authentication
    : credential dialog box should pop up. This will make the user to enter the
    : userid and password again to access the application. In other words, even
    if
    : the session expires, only authorized users should be allowed to login".
    :
    : Please help us in finding a solution for this. It will be really great if
    : some experts can provide us the code snippet for this.
    :
    : Kind Regards & Thanks in Advance,
    :
    : Gireesh
     
    Ken Schaefer, Jan 27, 2006
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Martin
    Replies:
    3
    Views:
    781
    Hermit Dave
    Jan 10, 2004
  2. Mark
    Replies:
    0
    Views:
    677
  3. Brett Smith
    Replies:
    2
    Views:
    454
    Brett Smith
    Oct 26, 2004
  4. Will
    Replies:
    5
    Views:
    2,623
  5. Nacho Nachev
    Replies:
    2
    Views:
    908
Loading...

Share This Page