[Q] ASP website with AD authentication

1 post in this topic

Hi all,

Question: Where are the cookies saved for a website made with ASP that uses AD authentication and if the website will have any control over deleting the cookies to close the session?

Reason for the question and the actual issue: I support Windows servers and there is an application team who have made a website with ASP that uses AD authentication for users. Problem now is that the users select "Remember Password" when they are not supposed to. The website does not have a 'Sign Out' option but just a javascript to close the browser instead when clicked on 'Close'. I have been suggested to remove the option for users to 'Remember Password' from the registry instead of they adding an option to sign out that deletes the cookies. They say that Windows Authentication does not give the website builder any control over the cookies and is taken care of by IIS.

Is this true? I thought what they said was wrong and they should have all the control over the cookies and delete them to close a session.

Need some help here please :)


Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.