Clear windows identity

[evaleah]

I have an application where I am using Windows integrated security. Does anyone know of a method of clearing this at session time out so that the next time a user requests a page from the application their credentials are required again?

Thanks,
Eva

 

[dace]

? Once your session times out their authentication will always be gone - there's no session any more. If you're using windows authentication, then the next time they open the page they'll automatically get a new session.

 

[evaleah]

Right, they get a new session id but they don't have to enter their credentials again. I want the box that asks for their username and password to pop up again.

 

[dace]

Sorry, maybe I'm not getting a clear picture here - if they have to sign in with a username and password, why are you dealing with windows authentication?

 

[evaleah]

The authentication method I am using is "windows" but the server does not allow for integrated authentication. This way I can use my domain users and groups but require they actually log in everytime they use the website. This means that when the application opens, a small grey box pops up asking for the user to log in. I want a way to make it so that after the session times out the box pops up again just as if they had just opened their browser. Obviously there is something in the cache I have to clear but I don't know what it is and am not having any luck finding it.