11-04-2010 11:48 AM
I am having issues killing the session that is established when I make a connection the MDS. Basically, we are using NTLM Authentication the following is what happens.
1. Open HTTPConnection URL with no credentials.
2. Receive 401 Unauthorized Error from server (need to provide Authorization request header)
3. Add credentials to request, resend
4. Receive 200 from server. Connection is made and content can be retrieved.
The issue is, with every following request I make, I get a 200 back the first time, which is nice. However, I need to be able to log out the user. My guess is that the BES is maintaining the session or something along those lines, and with every request I make after a 200, it uses the same user.
Any suggestions? I can provide my connection code if that helps.
11-04-2010 02:23 PM
HTTP requests are stateless, so there is no "logout" built into http requests, it depends how the system you are connecting to is authenticating you.
Some sites use SessionIDs to maintain a "State" . Perhaps you need to send some parameters to logout. Or maybe just get rid of your session ID if you have one.
11-04-2010 11:17 PM
The system I am connecting to uses NTLM authentication with Active Directory. I'm not 100% sure how the BES is set up.... but it just always remember me after I make the first valid connection (200). I need to figure out some way to invalidate the connection/session.