需要用户使用NTLM重新认证 [英] Need Users to Re-authenticate with NTLM
问题描述
我NTLM与asp.net的MVC 2.0站点(authenication =在web.config中的窗口)。
I'm NTLM (authenication="windows" in the web.config) with an asp.net mvc 2.0 site.
现在,一旦用户登录这让他们在同一时间登录几个星期。
Right now once a user logs in it keeps them logged in for weeks at a time.
使用该应用程序正在被打开,以谁分享使用登录服务帐户的计算机的用户。
The use of the application is being opened up to users who share computers that use logged in service accounts.
我需要在网站每次重新提示每个用户提供他们的AD凭据才能处理这些用户。 (网站上的活动必须链接到一个唯一标识用户。)
I need the site to reprompt each user for their AD credentials each time in order to handle these users. (Activity on the site must be linked to a uniquely identified user.)
感谢您的帮助,您可以提供。
Thanks for any help that you can provide.
卡罗尔的三分球
推荐答案
要做到这一点的方法是处理的的Http使用 HTTP 401挑战认证过程。
A way to do this is to handle the Http Authentication process using the HTTP 401 challenge.
的原则是拒绝的凭据,即使它们是有效的,强制所有用户(或萨姆取决于广告属性/ code参数...)重新输入他们的凭据。
The principle is to refuse the credentials, even if they are valid to force all users (or somes depending on AD attributes/code parameters...) to retype their credentials.
您需要发送 HTTP 401 codeS在响应以告知已发出的证书不被接受的浏览器。
根据浏览器的配置,你必须发送1至3 401 响应(可以使用Cookie来处理计数器)强制浏览器提示用户,因此计数3。
You have to send HTTP 401 codes in the response to indicate to the browser that the credentials which have been sent are not accepted.
Depending on the browser configuration, you have to send 1 to 3 401 responses (you can use cookies to handle the counter) to force the browser to prompt the user, so count up to 3.
if (mycounter < 3)
{
Response.StatusCode = 401;
Response.End();
}
这篇关于需要用户使用NTLM重新认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
