asp.net-corecachingblazor-server-sidewindows-authentication

How can I prevent the browser caching credentials of the logged in user, when user enters my Blazor server side web app?


I have a blazor server side app with windows authentication. How can I programmatically prevent the browser, caching the logged in user's credentials?

I need this therefore because I want to force the browser to ask the credentials each time user enters my web app.


Solution

  • If we enable windows authentication like below in IIS site, we can't log out the user.

    enter image description here

    Here this the detailed description.

    enter image description here

    **WorkAround**

    If you still want to implement this feature, we can use form authentication(or others) like below.

    enter image description here

    And create a custom call the advapi32.dll in backend method. Here is the detailed code sample you can refer.

    Any browser (Safari, Chrome or Edge) on iPhone is not prompting for Windows Authentication

    The we can keep to use windows ad users to log in this application.

    For logout method, something like below:

    [HttpPost]
    public IActionResult Logout()
    {
        HttpContext.SignOutAsync();
        return RedirectToAction("Login");
    }