Log Off Button

D

dpnews

I have an Xp Pro machine running IIS with security on one of the subwebs.
I have an asp written in FP2003 that shows data from an SQL (MSDE) database.
I would like to implement a log off button that would then force the user to
reenter their password (the security is manahed by XP pro).

At present they only have to enter their password if they close the browser
and start a new browser and revisit the asp

Many thanks
Dave
 
P

p c

What do you mean by "the security is manahed by XP pro"

How are you tracking state for the loggedin users? Sessions, cookies,
...? The logoff button/link would set to clear the session, cookie etc,.
 
D

dpnews

No if you look at the iis admin page ypu can control access by either setting
anonymous access or by authenticating against xp pro users.
 
P

p c

You are in an intranet environment then. And IIS is using windows
integrated authentication for access to the pages/files or folder on the
IIS managed web site. If the browser is IE, it handles
security/authentication "seamlessly" and you don't "see" repeated
requests for user authentication because they are handled behinde the
scenes--that why users don't have to re-enter the windows user and
password again/

If you want to limit how many times a user can reset a certain page, you
will need a different control scheme which will require custom code.

Are the pages the user is viewing already restricted to a certian
Wondows user group? What is the purpose of the "log-off"?

...PC
 
D

dpnews

I simply want a log off button that would return them to the home page and if
they then selected the ristricted area again they would have to enter the
password again.
 
S

Stefan B Rusynko

Depends on how you are initially authenticating them

If thru unique web/subweb permissions (requiring authentication from the site server)
- it is not possible to log out until the browser is closed

If thru a DB (holding credentials to check) and a sign on ASP script w/ a Session variable (checking on each page for slog in
status) you can log them out by making the logout kill the session state

--

_____________________________________________
SBR @ ENJOY (-: [ Microsoft MVP - FrontPage ]
"Warning - Using the F1 Key will not break anything!" (-;
To find the best Newsgroup for FrontPage support see:
http://www.frontpagemvps.com/FrontPageNewsGroups/tabid/53/Default.aspx
_____________________________________________


|I simply want a log off button that would return them to the home page and if
| they then selected the ristricted area again they would have to enter the
| password again.
|
|
|
| "p c" wrote:
|
| > You are in an intranet environment then. And IIS is using windows
| > integrated authentication for access to the pages/files or folder on the
| > IIS managed web site. If the browser is IE, it handles
| > security/authentication "seamlessly" and you don't "see" repeated
| > requests for user authentication because they are handled behinde the
| > scenes--that why users don't have to re-enter the windows user and
| > password again/
| >
| > If you want to limit how many times a user can reset a certain page, you
| > will need a different control scheme which will require custom code.
| >
| > Are the pages the user is viewing already restricted to a certian
| > Wondows user group? What is the purpose of the "log-off"?
| >
| > ...PC
| >
| >
| > dpnews wrote:
| > > No if you look at the iis admin page ypu can control access by either setting
| > > anonymous access or by authenticating against xp pro users.
| > >
| > > "p c" wrote:
| > >
| > >
| > >>What do you mean by "the security is manahed by XP pro"
| > >>
| > >>How are you tracking state for the loggedin users? Sessions, cookies,
| > >>...? The logoff button/link would set to clear the session, cookie etc,.
| > >>
| > >>
| > >>dpnews wrote:
| > >>
| > >>>I have an Xp Pro machine running IIS with security on one of the subwebs.
| > >>>I have an asp written in FP2003 that shows data from an SQL (MSDE) database.
| > >>>I would like to implement a log off button that would then force the user to
| > >>>reenter their password (the security is manahed by XP pro).
| > >>>
| > >>>At present they only have to enter their password if they close the browser
| > >>>and start a new browser and revisit the asp
| > >>>
| > >>>Many thanks
| > >>>Dave
| > >>
| >
 
D

dpnews

many thanks for your answer.

Can you close the browser with code behind a button

Stefan B Rusynko said:
Depends on how you are initially authenticating them

If thru unique web/subweb permissions (requiring authentication from the site server)
- it is not possible to log out until the browser is closed

If thru a DB (holding credentials to check) and a sign on ASP script w/ a Session variable (checking on each page for slog in
status) you can log them out by making the logout kill the session state

--

_____________________________________________
SBR @ ENJOY (-: [ Microsoft MVP - FrontPage ]
"Warning - Using the F1 Key will not break anything!" (-;
To find the best Newsgroup for FrontPage support see:
http://www.frontpagemvps.com/FrontPageNewsGroups/tabid/53/Default.aspx
_____________________________________________


|I simply want a log off button that would return them to the home page and if
| they then selected the ristricted area again they would have to enter the
| password again.
|
|
|
| "p c" wrote:
|
| > You are in an intranet environment then. And IIS is using windows
| > integrated authentication for access to the pages/files or folder on the
| > IIS managed web site. If the browser is IE, it handles
| > security/authentication "seamlessly" and you don't "see" repeated
| > requests for user authentication because they are handled behinde the
| > scenes--that why users don't have to re-enter the windows user and
| > password again/
| >
| > If you want to limit how many times a user can reset a certain page, you
| > will need a different control scheme which will require custom code.
| >
| > Are the pages the user is viewing already restricted to a certian
| > Wondows user group? What is the purpose of the "log-off"?
| >
| > ...PC
| >
| >
| > dpnews wrote:
| > > No if you look at the iis admin page ypu can control access by either setting
| > > anonymous access or by authenticating against xp pro users.
| > >
| > > "p c" wrote:
| > >
| > >
| > >>What do you mean by "the security is manahed by XP pro"
| > >>
| > >>How are you tracking state for the loggedin users? Sessions, cookies,
| > >>...? The logoff button/link would set to clear the session, cookie etc,.
| > >>
| > >>
| > >>dpnews wrote:
| > >>
| > >>>I have an Xp Pro machine running IIS with security on one of the subwebs.
| > >>>I have an asp written in FP2003 that shows data from an SQL (MSDE) database.
| > >>>I would like to implement a log off button that would then force the user to
| > >>>reenter their password (the security is manahed by XP pro).
| > >>>
| > >>>At present they only have to enter their password if they close the browser
| > >>>and start a new browser and revisit the asp
| > >>>
| > >>>Many thanks
| > >>>Dave
| > >>
| >
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Entourage logs off 3
SP2 and ASP Pages 1
Database content not displayed 14
Where do I create a page to allow users to log in to a secured sit 2
Server Error: Web... is busy 3
Urgent Help about SQL Server Connection 1
Password protect 8
Unable to login to Localhost 5

Top