We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Session.Abandon not working properly

kbk
kbk asked
on
Medium Priority
202 Views
Last Modified: 2013-12-25
Hi,
I have a problem. In the ASP page, i Give Session.Abandon at the end using VB Script. When i type someother location and then come back, the page is automatically loaded without asking the security password. I have disabled the Anonymous authentication and defined various users in NT Security. What could be the problem?
Comment
Watch Question

Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
kbk

Author

Commented:
Is there a programmatic way to logoff from a NT server connection from an ASP script? We tried Response.Status(401, "Unauthorised") followed by Response.End. But, Status(401) allows the user to <CANCELl> the logon dialog box which allows him to still be logged on to the NT system and the user is able to load other ASP pages. Only when the user types an invalid user\password and clicks <OK> does the browser logoffs from the NT system and throws up its own logon dialog box and now if user clicks <CANCEL> HTTP error 401 is displayed by the browser.


kbk

Author

Commented:
Is there a programmatic way to logoff from a NT server connection from an ASP script? We tried Response.Status(401, "Unauthorised") followed by Response.End. But, Status(401) allows the user to <CANCELl> the logon dialog box which allows him to still be logged on to the NT system and the user is able to load other ASP pages. Only when the user types an invalid user\password and clicks <OK> does the browser logoffs from the NT system and throws up its own logon dialog box and now if user clicks <CANCEL> HTTP error 401 is displayed by the browser.


Commented:
The username/password is stored by the browser. It will be removed when you close the browser. There might be a way using ASP/CGI to interact with that, but for that you will have to edit something on the clients computer using a script. If you find that, it is a nice security hole :).

Why exactly do you want this ? If you want to prevent other people using your PC to make use of your passwords, you'll have to close the browser.



Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.