CodeVerge.Net Beta


   Explore    Item Entry    Members      Register  Login  
NEWSGROUP
.NET
Algorithms-Data Structures
Asp.Net
C Plus Plus
CSharp
Database
HTML
Javascript
Linq
Other
Regular Expressions
VB.Net
XML

Free Download:
Zone: > NEWSGROUP > Asp.Net Forum > general_asp.net.security Tags:
Item Type: NewsGroup Date Entered: 4/7/2005 5:28:49 AM Date Modified: Subscribers: 0 Subscribe Alert
Rate It:
(NR, 0)
XPoints: N/A Replies: 2 Views: 217 Favorited: 0 Favorite
Can Reply:  No Members Can Edit: No Online: Yes
3 Items, 1 Pages 1 |< << Go >> >|
evidentlogic
Asp.Net User
Windows Authentication "Log Out"4/7/2005 5:28:49 AM

0/0

I have a web application that must use Windows Authentication.

This same application runs in a kiosk type PC where the NT user
is "kiosk". Users with no NT account access the application from
this kiosk as the "kiosk" user.

What needs to happen, is if the application is being run from the
kiosk (hence "kiosk" user is logged in), IIS prompts for a user name
and password to authenticate as a different user.

I was able to accomplish this by setting deny="kiosk" in my
web.config so that if kiosk was logged in, it would prompt for user
name and password. This works great.

The problem now, is that if a user logs in on the kiosk as a
different user, and neglects to close the browser, the user that
logged in will leave his/her session running introducing a security
hole.

In Forms Authenticaion, logging off an existing user is trivial, but
I cannot seem to find similar functionality for Windows
Authentication.

What I'd like to be able to do is handle the session timeout event
in my Session_End handler in Global and log the loggen in user off
thus reverting to kiosk.

Any ideas how to do this?

Thanks,

Rick
dotnetrook
Asp.Net User
Re: Windows Authentication "Log Out"4/7/2005 5:18:44 PM

0/0

I dont think you can log out a user logged on with Windows Authentication method. That's the drawback with this method. The user session ends only when the browser is closed.

One idea though. Always start a new session in a new browser opened by your code and when the user clicks log out button just close the browser. Since the browser window was opened by the code, there will not be any alert message asking the user if he/she wanted to close the window.

Rules at work:
1) Boss is always right
2) If Boss is wrong; refer rule #1
JawadKhan
Asp.Net User
Re: Windows Authentication "Log Out"4/7/2005 9:35:20 PM

0/0

You can use Forms Authentication for Active Directory /Windows Users. So you can still authenticate against windows ....Its not necessary to have a custom User Store. This way the cookie will expire after a duration and they be taken to the form to re authenticate again ....or if they click on Logout then you can expire the cookie yourself ....

Look at the following MSDN article to know How MCMS processes Pages ......

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnmscms02/html/Office_CMSProcessesPages.asp

 

 

ASP.Net Tips & Tricks - Jawad's Blog
3 Items, 1 Pages 1 |< << Go >> >|


Free Download:

Books:
Network+ Training Guide: Network+ Training Guide Authors: Drew Bird, Mike Harwood, Pages: 784, Published: 2002
Beginning SQL Server 2000 DBA: From Novice to Professional Authors: Tony Bain, Baya Pavliashvili, Michael Benkovich, Brian Freeman, Joseph Sack, Pages: 680, Published: 2004
Windows Server 2003 Security Infrastructures: Core Security Features Authors: Jan de Clercq, Pages: 756, Published: 2004
Beginning SQL Server 2005 Programming Authors: Robert Vieira, Pages: 688, Published: 2006
MCTS: Microsoft SQL Server 2005 Implementation and Maintenance: Microsoft SQL Server 2005 Implementation and Maintenance Study Guide (Exam 70-431) Authors: Joseph L. Jorden, Dandy Weyn, Pages: 634, Published: 2006
ASP.NET and VB.NET Web Programming Authors: Matt J. Crouch, Pages: 768, Published: 2002
Visual Web Developer 2005 Express Edition For Dummies Authors: Alan Simpson, Pages: 358, Published: 2005
Beginning SQL Server 2008 for Developers: from Novice to Professional: From Novice to Professional Authors: Robin Dewson, Pages: 496, Published: 2008
MCSA/MCSE/MCDBA: SQL Server 2000 Administration. Exam 70-228 Authors: Joseph L. Jorden, Rick Sawtell, Lance Mortensen, Pages: 608, Published: 2003
Internet Information Services Administration: Guía avanzada/. Authors: Kelli Adam, Lisa Stanley, Guy Stevens, Pages: 167, Published: 2000

Web:
Windows Authentication: Logout - ASP.NET Forums I have a website where Windows Authentication is used to log in the site. I have used ASP.NET 2.0. I need to add a button "Logout" that will ...
Logout from windows authentication?? Talk about Logout from windows authentication?? ... ASP Net - Logout from windows authentication?? Thread Tools. Old 04-07-2005, 10:39 PM ...
microsoft.public.dotnet.framework.aspnet.security: Re: windows ... Next message: Syed Khan: "Re: windows authentication logout validation" ... In reply to: syed khan: "windows authentication logout validation" ...
.NET ASP.NET security Logout with windows authentication Logout with windows authentication - Michael Nemtsev [MVP]. 07-Dec-07 01:32:15. Hello Uwe, Did u try to clear and close session + clear ...
ASP.NET Windows Authentication - Logout options : authentication ... Hi, I need some information on how to log off users from my intranet application . I am using ASP.NET 2.0 with VB.NET. I would like my users to click on a ...
Logout - IIS Windows Authentication | drupal.org I have IIS6 configured with Windows Authentication for a seamless sso connection to drupal. When I acces the site from outside my domain it prompts for ...
TheMSsForum.com >> Asp >> Windows Authentication Logout - The ... Again, I have no idea even how to start and I couldn't find help on the MSDN Library. Thanks TIB Tag: Windows Authentication Logout Tag: 264983 ...
logout validation windows authentication - DevX.com Forums logout validation windows authentication ASP.NET. ... Reload this Page logout validation windows authentication ...
Windows Authentication Logout Talk about Windows Authentication Logout. ... Velocity Reviews > Newsgroups > ASP Net · Reload this Page Windows Authentication Logout ...
Windows Authentication for GTGS - Technical Note Microsoft Windows Authentication Technical Note for GTGS ... You can also ask users to log out of the current Windows session, so that at next ...




Search This Site:










array size

programally setting textbox width

setting controls positions on the designer..

what does this mean? urgent!

skins and child properties on a control

problems with converting output from db

security on web site

can some one send me the enhanced page options module

changing page.title when header isn't runat=server

how to have custom date format ?

visual web developer 2005 express pdf tutorials?

a page can have only 1 server form tag

my namespace?? (loading controls at runtime)

important: asp.net and xhtml 1.1

dropdownlist question

retrieve themes programatically.

file property

3.0.8 template creation/use

abstract class v/s interface

sharing application state in web farm/web garden

right direction?

size of portalalias database field

runtime error

role based securiy with windows authentication

help with remote debugging

aggregate page doesn't work

how to create a skinning

compiling multiple projects of a solution

drop down list in createuserwizard control

controlling the ie browser window
 
All Times Are GMT