Force User Logon

Results 1 to 2 of 2

Thread: Force User Logon

  1. #1
    Join Date
    Dec 1969

    Default Force User Logon

    I have a site that authenticates users through NT security. Upon hitting the site users are prompted for their userID and password. I store this is a session variable for tracking where the users go and to prevent them from accessing other pages directly.<BR><BR>Here is my question. I have set the session timeout at 20 minutes. If the session expires the user is redirected to the main page regardless of where they are on the site. However the user session variable is also destroyed. How do I force IE to prompt for their id and password again when they are redirected to the main page? Or is this possible?<BR><BR>Thanks,<BR>Jeff

  2. #2
    Join Date
    Dec 1969

    Default RE: Force User Logon

    I&#039ve encountered something similar. The problem is, when their session times out, all their session state is destroyed (as you&#039ve discovered) and they arrive at the main page, where you do not know whether they are coming in for the first time, or if their session timed out.<BR><BR>One solution is to set a cookie indicating that they have logged in, and set that cookie to expire after some amount of time longer than the session timeout, or when the browser is closed. <BR><BR>Then, on the main page, look for that cookie. If it exists, chances are their session expired, and they are returning, at that point, your code could redirect them to one of the secure pages, causing a prompt for the username and password.....<BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts