Session.Abandon not working properly

Hi,
I have a problem. In the ASP page, i Give Session.Abandon at the end using VB Script. When i type someother location and then come back, the page is automatically loaded without asking the security password. I have disabled the Anonymous authentication and defined various users in NT Security. What could be the problem?
kbkAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
sybeConnect With a Mentor Commented:
Session.abandon will destroy all ASP-sessionvariables, but it will not destroy NT-authentication. NT-authentication has nothing to do with ASP.

You can force the NT inlog dialogue in ASP with

<%
Response.Status = "401 Unauthorized"
%>



0
 
kbkAuthor Commented:
Is there a programmatic way to logoff from a NT server connection from an ASP script? We tried Response.Status(401, "Unauthorised") followed by Response.End. But, Status(401) allows the user to <CANCELl> the logon dialog box which allows him to still be logged on to the NT system and the user is able to load other ASP pages. Only when the user types an invalid user\password and clicks <OK> does the browser logoffs from the NT system and throws up its own logon dialog box and now if user clicks <CANCEL> HTTP error 401 is displayed by the browser.


0
 
kbkAuthor Commented:
Is there a programmatic way to logoff from a NT server connection from an ASP script? We tried Response.Status(401, "Unauthorised") followed by Response.End. But, Status(401) allows the user to <CANCELl> the logon dialog box which allows him to still be logged on to the NT system and the user is able to load other ASP pages. Only when the user types an invalid user\password and clicks <OK> does the browser logoffs from the NT system and throws up its own logon dialog box and now if user clicks <CANCEL> HTTP error 401 is displayed by the browser.


0
 
sybeCommented:
The username/password is stored by the browser. It will be removed when you close the browser. There might be a way using ASP/CGI to interact with that, but for that you will have to edit something on the clients computer using a script. If you find that, it is a nice security hole :).

Why exactly do you want this ? If you want to prevent other people using your PC to make use of your passwords, you'll have to close the browser.



0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.