reauthenticate users

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • kimbred
    New Member
    • Jan 2009
    • 47

    reauthenticate users

    When a user cllicks into a specific form, I would like to have them re-authenticate due to the personal content of the form they're accessing. I'm not sure what I need to do to get this done. They already have to login to the appllication, but need the second layer of security. I would also like them to be logged out after 15 minutes of inactivity. Anyone have any ideas?
  • Frinavale
    Recognized Expert Expert
    • Oct 2006
    • 9749

    #2
    What type of authentication are you using?

    -Frinny

    Comment

    • kimbred
      New Member
      • Jan 2009
      • 47

      #3
      Using forms authentication to get into the Intranet.

      Comment

      • Frinavale
        Recognized Expert Expert
        • Oct 2006
        • 9749

        #4
        Well the timeout part is pretty easy.
        You just set the forms authentication cookie to expire after 15 minutes.

        The "re-authentication" part is going to be a bit more tricky.

        I'm not entirely sure how you'd do this but maybe place the super-sensitive content in a separate folder with it's own web.config file. This section of the site would have to be set up using the same authentication provider as the regular-sensitive content....and would have it's own Login feature which would issue another authentication cookie that would expire after the user's finished with the super-sensitive content.

        -Frinny

        Comment

        • kimbred
          New Member
          • Jan 2009
          • 47

          #5
          I've done that, but they would like the cookie to expire when the user leaves the form. Is there any way to do that without adding a logout button?

          Comment

          • Frinavale
            Recognized Expert Expert
            • Oct 2006
            • 9749

            #6
            Yes...but it's not easy and doesn't work Opera.


            First read this article then read this post...I'm still in the middle of writing an article on the topic.

            -Frinny

            Comment

            Working...