1

I have built an application in Visual Studio, ASP.NET MVC for the company I work at. It is only accessible on our intranet, and uses Windows Authentication to validate the user. There are a few pages that I only want a few users to be able to view, and have restricted access to only those few. The problem is that multiple people use one computer. I need the people that are able to view the few pages to log out when they are done so that others cannot access the page. Right now, I have them closing out the browser, and that logs them out.

The log off button is visible at the top of the screen, but does nothing. Is it possible to use the log off button as well as Windows Authentication?

I have impersonation set to "on" within IIS.

tereško
  • 58,060
  • 25
  • 98
  • 150
bsquared
  • 137
  • 2
  • 12
  • 1
    By definition, Windows Authentication takes the current logged in user's identity (Windows account) and uses it to authorize access. The only way that identity changes is if the user logs out of their account *in Windows*. Therefore, you're asking your app to do something that is inherently impossible (using Windows Authentication). If users aren't logging out of their account at the workstation then you have a bigger problem than with just your app. Unless I am missing something in your question? – Ted May 15 '14 at 19:11
  • It asks the user to log in when they try to access the restricted pages. It works fine; the people with access can view, and the people who do not get rejected. And when they close the browser it logs them off. I just want the same functionality for a log off button. The computer its self has a generic log on, say "Computer 1". But if "Bob" has permission to access the page, he can enter in his credentials to the application and it allows him to. – bsquared May 15 '14 at 19:15
  • There's an IE-only "solution", which can be found at http://stackoverflow.com/a/5731523/9344 (used by Sharepoint to do what you're asking), but otherwise you're only other option is to take a sledge hammer approach and do a click event to close the browser tab. Of course, this doesn't work in modern browsers for tabs that weren't opened with a javascript in the first place, and even then, FF is still problematic. See discussion (especially comments) at http://stackoverflow.com/questions/2076299/how-to-close-current-tab-in-a-browser-window. – Ted May 15 '14 at 19:27

0 Answers0