Results 1 to 6 of 6

Thread: Microsoft IIS shows End User Sessions on webpage

  1. #1
    Join Date
    Jul 2010

    Microsoft IIS shows End User Sessions on webpage

    I am running an ASP application that is running on our IIS 6 logging in the Session timeout set to 4 hours (I know, in terms of performance not exactly optimal, but the application is on a limited User group (max. 40 users) and it is at present used for the requirements application, no other solution is possible). Well, the session never stops with these 4 hours. But after some time i realise on my webpage that the message pop for end user session. Any idea? How to remove. Please help.

  2. #2
    Join Date
    May 2008

    Re: Microsoft IIS shows End User Sessions on webpage

    You need to use the HTTP response header to unsubscribe a user from a Web application. The first and easiest way to unsubscribe a user from a Web application is to use a browser HTTP response headers for a specific period of time. Open a text editor such as Notepad, and type the following HTML content:

    <META HTTP-EQUIV="Refresh" CONTENT="10;URL=Logoff.htm">
      <TITLE> Redirect Demo </ TITLE>
    </ HEAD>
    <H1> You will be logged out after 10 seconds </ H1>
    </ BODY>
    </ HTML>
    the <meta> Days redirects the browser to Logoff.htm after ten seconds (unless the user refreshes the page or another page loads). The page redirection is automatic even if the user interacts with the page at this time. In practice, a timeout of 20 minutes (1200 seconds) typically used with this type of redirection.
    # Save this file RedirectDemo.htm.

  3. #3
    Join Date
    May 2008

    Re: Microsoft IIS shows End User Sessions on webpage

    The main issue that you must bear in mind is that you are using the ASP Basic Authentication on IIS to perform over. In effect, the IIS anonymous access only by what, in contrast to "normal" Basic Authentication is not the case: there are the Requests then performed Account. The authentication of the client is in "normal" IIS access methods via NTFS permissions "Provoked". Since you do not attack the NTFS permissions, you need to authenticate provoke different: you need to generate 401 error itself, and even intercept, without that the IIS comes with its other methods in their way.

  4. #4
    Join Date
    Apr 2008

    Re: Microsoft IIS shows End User Sessions on webpage

    When IIS receives from a Web browser makes an HTTP request, the following steps are performed:
    1. The request is initially as the anonymous account, IUSR_Computer NameTreated. If this account does not have sufficient access rights has to complete the request, or if is not enabled in IIS, anonymous access, IIS error 401 ("Access Denied") returned.
    2. IIS then performs a user authentication to the remote user by using Basic authentication or Windows NT can identify Challenge / Response. If the Web browser or the FrontPage client to Windows NT Challenge / Response, the user may receive no prompt, because web browser from the client computer simply takes the user name and password of the logged in user.
    3. IIS allows access to a file on the web server only if the NTFS ACL of the file was transferred to the account whose identity on the Web server that contains the correct permissions.

  5. #5
    Join Date
    Jan 2008

    Re: Microsoft IIS shows End User Sessions on webpage

    You can use NT Security on Microsoft Internet Information Services (IIS) in order to meet these two requirements. IIS servers offer a variety of security procedures, all based on NT Security Accounts. Who is IIS security still new territory, which this article will help you decide which methods for my website and the customers are the best. Check the windows service active Directory: This is the successor to NT 4.0 Domain Security. Active Directory is the domain system for Windows 2000 Server and Windows Server 2003. It is similar to NT 4.0 Domain Security, but offers a much wider range of functions.

  6. #6
    Join Date
    Nov 2005

    Re: Microsoft IIS shows End User Sessions on webpage

    Sessions are identified by unique ASP Session cookies. The cookie itself contains only a unique session identifier that is exchanged between the client browser and the server and allows an unambiguous assignment of the request to the relevant meeting. The actual data of the Session object is stored in the memory of the web server. One hand this has the advantage that only a relatively small amount of data must be transferred, on the other hand, hidden in the Session object and the stored data will be protected from direct access by the user. You can change it from the cookie settings.

Similar Threads

  1. Replies: 4
    Last Post: 20-10-2011, 11:30 PM
  2. Webpage error details User Agent: Mozilla/4.0
    By TheNexus in forum Technology & Internet
    Replies: 3
    Last Post: 07-02-2011, 05:14 PM
  3. Outlook won't open Microsoft powerpoint slide shows
    By Ehsaan in forum Technology & Internet
    Replies: 2
    Last Post: 30-03-2009, 01:40 PM
  4. To display webpage inside another webpage
    By Faakhir in forum Technology & Internet
    Replies: 3
    Last Post: 24-03-2009, 10:59 AM
  5. Replies: 3
    Last Post: 26-04-2005, 07:06 AM

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
Page generated in 1,675,793,215.06187 seconds with 17 queries