Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to stop IE 6 caching passwords on SSL connection

Status
Not open for further replies.
routerman

routerman

Technical User
Jul 15, 2002
490
GB
I was setting up a PIX last week for VPN, no problem there, but the customer also wanted to use SSL direct through the firewall, and we ended up with this problem. I think it may be a browser issue, but that is outside my knowledege area, so I'm asking for help here.

My customers has a server that supports SSL connections, and I configured the PIX to allow an external user HTTPS access to this server, although relatively insecure that worked fine.

To improve security I set up the PIX to provide cut-through proxy support, using this the user is presented with a username/password dialogue box when the initial connection is made, this is authenticated against his Radius server, then the connection is passed through to the server. This is SSL from the user through the firewall to the server.

The problem we saw occurred on the second login attempt, the original username and password requested by the PIX are cached by the browser, so hit OK and the connection goes straight through the PIX! Can the SSL connection modify this behaviour somehow, so when the connection is made onto the server the browser dumps the cached credentials?

Andy
 
Sort by date Sort by votes
That's got nothing to do with SSL i think.

Its more of a browser issue.
Its the client who chooses to cache the credentials, not the server.

Exept if you use somekind of cookie where the credentials are being stored, so when the cookie is saved on the client, the browser uses the cookie and of course the credentials.

TIMTOWTDI
 
Upvote 0 Downvote
Hello,
I'm facing more or less the same problem. When a single browser is opened for an application, a user logs on and closes the browser, no login information is stored. The next time he has to fill in login credentials again. But when another browserwindow was opened before opening the browserwindow using the application, credentials are stored after closing this second browserwindow. Looks like information in cache is shared by all (open) browserwindows. Is there a way to prevent this?

thnx,
John
 
Upvote 0 Downvote
Extra information on my previous post:
Pages are refreshed everytime we visit them (Internet options;General;Settings)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

moveit
  • Locked
  • Question
Firefox will not let me sign in to my Tesco account
Replies
4
Views
361
teknance
teknance
Sebastian42
  • Locked
  • Question
Blocking SSL Certificate checking
Replies
0
Views
102
Sebastian42
Sebastian42
Soisoi23
  • Locked
  • Question
Where to find a secure proxy?
Replies
4
Views
144
Mike Lewis
Mike Lewis
Tedwhite
  • Locked
  • Question
How To Fix Firefox Freezing Issue In Windows 10?
Replies
2
Views
219
Tedwhite
Tedwhite
weberm
  • Locked
  • Question
How do I keep the Favorites bar from reappearing in Windows 10? 1
Replies
2
Views
146
Finsery
Finsery

Part and Inventory Search

Sponsor

Back
Top