Reputation: 667
How can you suspend access to a user session after a specified interval of inactivity when using Windows Integrated Security for an ASP.NET MVC Website?
Upvotes: 2
Views: 734
Reputation: 667
When using Kerberos for authentication Internet Explorer (IE) will continue sending the same credentials for each subsequent request to the server until one of two things happens:
a) The user closes their browser.
b) The server refuses the credentials with a 401 status code.
This behavior is KB 264921.
If we want to simulate a session than we have to implement the following steps:
I was hoping someone else having a better ideea, this one feels kind of hacky.
Upvotes: 1