randomly changing user

From: "Jan Kucera" <kucera@xxxxxxxxxxxx>
Date: Thu, 5 Oct 2006 18:55:43 +0200

Hi,
I have an application in ASP.NET 2 configured to impersonate, cookies enabled and Windows NT authentication only for whole application (anonymous for one or two files inside).

On every page I write currently logged user and I've noticed recently, that this randomly changes during session. Well probably it is not randomly but it changes heavily from user to user, maybe last accessed one or something like that. Please help what is causing this and how to avoid.

The another problem which I believe is caused by the same mistake is, that if I open the one file with anonymous access (from another session), I loss my current identity in the current seesion. How to retain it?

Thanks,
Jan

.

Prev by Date: Re: SSLv3 with certificate issued by Intermediate certificae authority
Next by Date: Re: SSLv3 with certificate issued by Intermediate certificae autho
Previous by thread: Re: SSLv3 with certificate issued by Intermediate certificae authority
Next by thread: Multiple websites in one IIS with Integrated Windows Authentication
Index(es):
- Date
- Thread

Relevant Pages

Re: privilege timeout
... Microsoft MVP (Windows Security) ... > My first thought was to have the user's kerberos tickets expire if they're ... > successfully get the tickets expiring, however, the session tickets were ... > cases NTLMv2 is used instead of Kerberos for authentication. ...
(microsoft.public.win2000.active_directory)
Re: privilege timeout
... Microsoft MVP (Windows Security) ... > My first thought was to have the user's kerberos tickets expire if they're ... > successfully get the tickets expiring, however, the session tickets were ... > cases NTLMv2 is used instead of Kerberos for authentication. ...
(microsoft.public.win2000.security)
Access Denied using Impersonation
... I am developing an intranet application that uses windows ... authentication and impersonation. ... is that it seems when the session ends the access token ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Authentication and sessions
... A new window opened from the original one will have the same session ... however place a cookie at the root of a web and access it from ... >How can we cancel or revoke that authentication to make the ... How do they cope with opening new windows from the original one? ...
(microsoft.public.dotnet.framework.aspnet)
[NT] Cryptographic Flaw in RDP Protocol Can Lead to Information Disclosure
... The Remote Data Protocol (RDP) provides the means by which Windows systems ... The first involves how session encryption is implemented in certain ... An attacker who was able to eavesdrop on and record ...
(Securiteam)