kbk
asked on
Session.Abandon not working properly
Hi,
I have a problem. In the ASP page, i Give Session.Abandon at the end using VB Script. When i type someother location and then come back, the page is automatically loaded without asking the security password. I have disabled the Anonymous authentication and defined various users in NT Security. What could be the problem?
I have a problem. In the ASP page, i Give Session.Abandon at the end using VB Script. When i type someother location and then come back, the page is automatically loaded without asking the security password. I have disabled the Anonymous authentication and defined various users in NT Security. What could be the problem?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Is there a programmatic way to logoff from a NT server connection from an ASP script? We tried Response.Status(401, "Unauthorised") followed by Response.End. But, Status(401) allows the user to <CANCELl> the logon dialog box which allows him to still be logged on to the NT system and the user is able to load other ASP pages. Only when the user types an invalid user\password and clicks <OK> does the browser logoffs from the NT system and throws up its own logon dialog box and now if user clicks <CANCEL> HTTP error 401 is displayed by the browser.
The username/password is stored by the browser. It will be removed when you close the browser. There might be a way using ASP/CGI to interact with that, but for that you will have to edit something on the clients computer using a script. If you find that, it is a nice security hole :).
Why exactly do you want this ? If you want to prevent other people using your PC to make use of your passwords, you'll have to close the browser.
Why exactly do you want this ? If you want to prevent other people using your PC to make use of your passwords, you'll have to close the browser.
ASKER