I am using "windows" authentication, and in IIS I have selected the Basic Authentication option so now when I go the the site I have the dialog box that I input my username and password.

The problem is this, unless I close the browser window and authentication sticks and I can go to somewhere else like google then go back to my site and it automatically logs me back in.

Is there a way that I can create a "logoff" routine??
Regards,


Matt

I've only dealt with Forms authentication myself...

It may be possible a cookie is being saved in your temp dir, and that cookie is providing the necessary credentials when you return (so long as the session hasn't expired ~ 20 mins). You could create a logout page that fires Session.Abandon when it loads.

Yeah I had wondered about that, but that just kills the session. That type of authentication doesn't use the session state object.

Thanks,


Matt.

You can use Mozilla to test this, once you browse to your app, and a cookie is issued, Mozilla will notify you by default. Or at the very least, if not enabled in recent versions by default, its available under Page Info.