Re: Basic Authentication and popup windows

From: Paul Clement (UseAdddressAtEndofMessage_at_swspectrum.com)
Date: 03/08/04

• Next message: eknut: "Re: How do I get a DER encoded issuerName from X509 certificate"
• Previous message: Rob Joosen: "PUID and more info"
• In reply to: Andy: "Basic Authentication and popup windows"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 08 Mar 2004 09:18:14 -0600

On 7 Mar 2004 20:35:47 -0800, nmethani@yahoo.com (Andy) wrote:

¤ We are using Basic Authentication for our site. However, I could not
¤ find any suitable Logout process except to close the window (the
¤ solutions suggested on this site that point to old VB6 code which
¤ requires creating an ActiveX object does not work correctly and I
¤ don't want to create an ActiveX object).
¤
¤ The secured site is opened in a separate window. A link on the
¤ non-secure site opens this window using window.open() javascript
¤ function.
¤ This is when the Basic Authentication is performed.
¤ The problem is, because the popup browser has been spawned off an
¤ existing browser window, the authentication details are still valid
¤ when you close down the popup window but leave the original browser
¤ window with the link open.
¤ Hence, when you click on the link again, the popup window does not
¤ request any authentication.
¤
¤ Does anyone know how to start a new browser process from ASP.NET so I
¤ can get around this problem?

I'm not aware of any *good* method for flushing the browser credentials (especially if you support
multiple browsers). You can use forms-based authentication to provide more control over the
authentication process, but if this is not an alternative then you're probably limited to using
JavaScript to close the browser in order to perform the logout.

Paul ~~~ pclement@ameritech.net
Microsoft MVP (Visual Basic)

---

• Next message: eknut: "Re: How do I get a DER encoded issuerName from X509 certificate"
• Previous message: Rob Joosen: "PUID and more info"
• In reply to: Andy: "Basic Authentication and popup windows"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: OWA Logoff problem ... Have you made sure that ALL browser windows are closed? ... but I thought that without Forms-based Auth, you had to close all browser ... >I checked all of my settings, and I do not have Integrated Authentication ... >>> window flashes on the screen. ... (microsoft.public.exchange.setup) Re: OWA Logoff problem ... Have you made sure that ALL browser windows are closed? ... but I thought that without Forms-based Auth, you had to close all browser ... >I checked all of my settings, and I do not have Integrated Authentication ... >>> window flashes on the screen. ... (microsoft.public.exchange.admin) Re: killing client popup window ... Unlike Windows authentication which ties the session to the ... The way Basic authentication works, the server always requires the client to ... Same authentication window pops up when I click on a link ... (microsoft.public.inetserver.iis.security) Re: Unable to reverse back to NTLM ... In your browser, is there an option to "remember your username and password" ... Have set NTLM as the ... authentication method, and the userid/password/domain prompt comes up ... whether it is running NTLM or Basic authentication now!! ... (microsoft.public.inetserver.iis.security) Re: Basic Authentication and popup windows ... The secured site is opened in a separate window. ... This is when the Basic Authentication is performed. ... existing browser window, the authentication details are still valid ... (microsoft.public.dotnet.faqs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)