Hi,

I have a website where Windows Authentication is used to log in the site. I have used ASP.NET 2.0. I need to add a button "Logout" that will close the session and bring the windows authentication window in response to click event.

Any Suggestion Please!

Hmmm, this sounds like IE may help you.  If you tick the prompt for win user login creds in IE the user should thne be asked to login with a pop-up box, however, logging out I'm not too sure about - presumably you only want them to log out of the site not windows?

Give the IE bit a go and see if that is what you are thinking of...why would you want explicit logging out though of something that uses win auth? 

HTH.

Thanks for the reply. Actually I need a logout button that will close the current session, and again will show the windows authentication dialog box so that user can again login if required. And without relogging in user can't access any page of the site. But I still don't know how to do this.

Hi

As far as I know, it's not possible to clear/change Windows credentials in .NET code. That is due to setting of IIS & IE. What we can do is to send a 401 HTTP status code and ask the client to re-input the user credential:

         string strUser = User.Identity.Name;

         if (strUser.Contains("olduser"))

        {

            Response.StatusCode = 401;

        }

        else

        {

            …

        }

The way to do this is to use Javascript, not ASP.NET. Credit goes to a tip I read here.

Here's the code to put in your ASPX page.

HEADER SECTION

<head runat="server">
    <title>Header</title>
    <script language="javascript">
        if(self.location==top.location)self.location="Default.html";
        
        function Logout()
        {    
            try    
            {        
                if(window.XMLHttpRequest)
                {  
                    alert("You have been logged off from this website. Note that if you run Internet Explorer 6.0 without Service Pack 1 you need to close all browser windows in order to complete the log off process.");
                    document.execCommand("ClearAuthenticationCache", "false");            

		            if (top.location != location) {
    			        top.location.href = "." ;
		            }
                }                
                else        
                {            
                    alert("This feature requires Internet Explorer 6.0 Service Pack 1 or above. " + "Please close all browser windows in order to complete the logout process.");        
                }    
            }        
            catch (e)    
            {        
                alert("This feature requires Internet Explorer 6.0 Service Pack 1 or above. " +"Please close all browser windows in order to complete the logout process.");    
                }
            }
    </script>
    <link href="styles/StyleSheet.css" rel="stylesheet" type="text/css" />
</head>

BODY SECTION

<body>
    <div style="position: absolute; width:99%; text-align:right; left: 0px; top: 54px; z-index: 100;">
        <asp:HyperLink ID="HyperLink1" runat="server" Style="z-index: 102; right: 10px;
            position: absolute; top: 0px" NavigateUrl="javascript:Logout()" Width="40px">Logout</asp:HyperLink>
    </div>
</body>

Rizwan Gulamhussein