How to Clear the Integrated Windows authentication credential in .

  • Thread starter Datagrid left-right scroll problem
  • Start date
D

Datagrid left-right scroll problem

We have got an application which is using Integrated Windows authentication
credential method for logging into the site. Our customer now is asking for a
requirement to provide more security. The requirement is like this..

"Whenever the session of the application expires(as per time in web.config),
it should clear the User credentials so that even if the User enters the site
url in the same browser instance,the Integrated Windows authentication
credential dialog box should pop up. This will make the user to enter the
userid and password again to access the application. In other words, even if
the session expires, only authorized users should be allowed to login".

Please help us in finding a solution for this. It will be really great if
some experts can provide us the code snippet for this.

Kind Regards & Thanks in Advance,

Gireesh
 
D

Dominick Baier [DevelopMentor]

Hi,

i think this will not work - several problems

a) there is no way to clear the credentials from ASP.NET - there is only
a client IE command that can do that.
b) there is no reliable way to detect a session end - Session_End only guarantees
to fire with InProc sessions
 
J

Jim Cheshire

We have got an application which is using Integrated Windows authentication
credential method for logging into the site. Our customer now is asking for a
requirement to provide more security. The requirement is like this..

"Whenever the session of the application expires(as per time in web.config),
it should clear the User credentials so that even if the User enters the site
url in the same browser instance,the Integrated Windows authentication
credential dialog box should pop up. This will make the user to enter the
userid and password again to access the application. In other words, even if
the session expires, only authorized users should be allowed to login".

Please help us in finding a solution for this. It will be really great if
some experts can provide us the code snippet for this.


Gireesh,

This has to be done on the client via an ActiveX control calling the
InternetSetOption API. See this:

195192 How To Clear Logon Credentials to Force Reauthentication
http://support.microsoft.com/default.aspx?scid=kb;EN-US;195192


Jim Cheshire
 
K

Ken Schaefer

In addition to Dominick's comments, see:
http://www.adopenstatic.com/cs/blogs/ken/archive/2005/04/12/14.aspx

Cheers
Ken


"Datagrid left-right scroll problem"
: We have got an application which is using Integrated Windows
authentication
: credential method for logging into the site. Our customer now is asking
for a
: requirement to provide more security. The requirement is like this..
:
: "Whenever the session of the application expires(as per time in
web.config),
: it should clear the User credentials so that even if the User enters the
site
: url in the same browser instance,the Integrated Windows authentication
: credential dialog box should pop up. This will make the user to enter the
: userid and password again to access the application. In other words, even
if
: the session expires, only authorized users should be allowed to login".
:
: Please help us in finding a solution for this. It will be really great if
: some experts can provide us the code snippet for this.
:
: Kind Regards & Thanks in Advance,
:
: Gireesh
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,900
Latest member
Nell636132

Latest Threads

Top