I have this strange problem that is driving me crazy.
I have a ASP.NET web application that is hosted on Windows Server 2012, IIS 8.
It uses Windows Authentication and Digest.
Now, the application runs fine. When the user opens the app the first time, he is prompted for the username and password. And then he logs in fine.
the problem is:
there is a page inside the application where the user will click a link and this link will target a Blank window (tab) in IE11. this new page will show some report. The user is supposed to view the report and then close the tab and continue working on the application. However, when the user closes this tab and try to use the web application, he is being prompted to enter the username and password again!
I tried something, on the new tab, i just modify the URL to navigate to the home page... it works fine from the tab.
as if this new tab got hold of the session that the user is on! and when you close the tab, you close the session with it.
how is that possible? and how can I fix it?
Related
I have a windowless wpf app that's taking messages from an asp.net core app via signalr and displaying them to the user. I also have a NotifyIcon that has one right click option to open the web app in the browser (Process.Start). The problem is, the web app is using Windows Auth and the process is started as the computer and not the user, thus not being authenticated. How do I get the process to start as the user?
I can't use process.UserName, because that requires a password, and I don't want the user to enter the password everytime. I've also tried process.LoadUserProfile but that doesn't seem to do anything.
In my asp.net web form application, and I have an issue with internet explorer 11. The user was in "Home.aspx" and when he closes the browser and open again, the browser is still showing the last page "Home.aspx" but this page has no Session.SessionID valid, of course, if you click on any other link the user will be redirected to Login.aspx.
My question is, how can I do to redirect to Login.aspx after the last session was restored by the browser? and I do not want to depend of the "Start with tabs from the last session" setting.
Thanks.
Go into Edge - Settings - Open Microsoft Edge With... and select Start Page
i have one website and i have added it in bookmark.
the situation is:
i opened the browser and website loaded from bookmarked location now the tab1 contains the website next i am logging it now it is in home page.
then i opened new tab but i didnt loaded any site. then i closed the tab1 then i opening the site from bookmark location. here instead of loginpage its directly loading the page which was in tab2.
when i can close the logged in tab then it should ask for login page in next tab
please help me guys how to achieve this
thanks
You need to logged out the user when page is closing.
You can use onbeforeunload event to manually logged out the active user.
Have a look at this article about Save Changes on Close of Browser or When Exiting the Page
Login cookie is shared in same browser tabs (sometimes even in same type of browser).
In other words, if you login in a tab in IE, you do not have to login in different tabs. Login cookie is still valid, and you are automatically login.
However, if you open same page in FireFox or Chrome, you'll still have to login even if you have logged-in in IE.
Updated: Please do not ask user to re-login if a tab is closed and reopen in different tab (in same browser). Even banking websites won't do that. (Of course, user'll need to relogin if the browser is closed.)
Is this possible? i have an exit button on my web application, originally, my client request that once they click the exit button, it should CLOSE the tab or the browser itself but afaik that's impossible since the web aplication can be opened via link in an email (outlook,yahoomail etc) via tag, so I suggested this alternative to simply just redirect to the Home (of the user, not the web app). the problem how to Redirect to USER's home page. TIA
if (window.home){
window.home();
}else{
window.location='about:home';
}
Something like that would be my guess.
window.home() reference.
There is no way to detect user's existing settings for a home page. This is a security issue. You can always, however, close the browser window after the user is finished using your application.
JS: window.close();
Not sure that would be advisable (even if it were possible), as users can have multiple homepages. Usually, web applications have a log-out button which would log the user out and return to the application's main page (probably showing a log-in form).
On our intranet pages, we're checking who the user is and displaying it on the site as a label. For all other users the logged in name is correct. For this user it shows as OURDOMAIN\ADMINISTRATOR.
I know HOW it happened. One day there was an issue with permissions and I launched the page from her PC. IE prompted for the user, and rejected her login. I tried using the domain admin, and it let us access the page, but now I can't get it back to her login. It's not browser specific, as I installed Chrome and get the same behavior.
The page connects to the database (using SQL Authentication), and then runs a stored procedure. After that, the following code is run:
string userid = HttpContext.Current.User.Identity.Name.ToString();
lbl_User.Text = userid;
How / Where do I reset this for her? Is XP or IIS that cached these credentials?
It is most likely stored in Managed Passwords:
Click Start > Run
Enter "control userpasswords2"
Click the Advanced tab
Click Manage Passwords
Select the wrong credentials
Click Remove
You may need to log-off and back on again for these setting to change.
This is definitely a problem with the client PC and not IIS. Windows stores credentials for later use and will automatically send these to the web server via the browser.
I found the solution: the page was in the "Intranet" zone. I opened IE, and went into internet options. I went to the Internet Options, went to security tab, selected Intranet, and then "Custom Level". Went down to user authentication and set it to "Prompt for user name and password". Closed the browser, reopened that page and then it prompted me. Changed the credentials accordingly.