Outlook Web App keeps Caching Credentials

All replies

• 

  

  0

  Sign in to vote

  Some browsers contain this functionality (e.g. Firefox). Which browser are you using? Make sure you set it to don't cache credentials or clear its current saved credentials.
  

  ---

  Michel de Rooij,
  MCITP Ent.Msg 2007+2010| MCTS W2008, Ex2007+2010 Conf, OCS2007 Conf | MCSE+Msg2k3 | MCSE+Inet2k3 | Prince2 Fnd | ITIL
  I blog on http://eightwone.wordpress.com/ and tweet on http://twitter.com/mderooij

  Monday, October 25, 2010 2:14 PM
• 

  

  0

  Sign in to vote

  I am using IE 8. But, are my Exchange configs good by having both Basic and Integrated Authentication???

  Can I prevent this caching from the Exchange side instead of the client side???

  ---

  jk

  Monday, October 25, 2010 2:19 PM
• 

  

  0

  Sign in to vote

  No you cannot as far as i know, as its a functionality of browser not the exchange.

  -Gulab

  Monday, October 25, 2010 2:26 PM
• 

  

  0

  Sign in to vote

  hi,

  what is your OS on client side?

  on windows 7 you know there is a password storing. maybe you can disable this from gpo.

   

  ---

  Mumin CICEK | Exchange - MVP | www.cozumbilisim.com.tr | www.mumincicek.com | www.cozumpark.com

  Monday, October 25, 2010 3:06 PM
• 

  

  0

  Sign in to vote

  I tried on Windows 7 and XP. On Windows 7, I deleted the browsing history (passwords) and still the same.

  ---

  jk

  Monday, October 25, 2010 3:19 PM
• 

  

  0

  Sign in to vote

  If you use Windows Integrated authentication, and you are signed into the domain, then it will automatically go in.  That is the way Windows Integrated works.  Changing to Basic authentication would force a password prompt, but you would need to ensure SSL or other mechanism to ensure the basic credential is secure, since your password is transmitted on each request.  If you are not signed into the domain, either should prompt, but IE8 will keep connected even after closing windows. IE8 has a session management feature:

  http://blogs.msdn.com/b/askie/archive/2009/05/08/session-management-within-internet-explorer-8-0.aspx

  If you have access to the registry of the computer in question, you may be able to turn this feature off based on the article above.

   

   

   

  • Proposed as answer by Alan.Gim Friday, October 29, 2010 9:21 AM
  • Marked as answer by Alan.Gim Monday, November 1, 2010 4:39 AM

  Monday, October 25, 2010 4:50 PM
• 

  

  0

  Sign in to vote

  Good point. JMK123, define ".. I use Outlook Web App remotely". Is that from a domain-joined PC or not? If the answer is yes, you could have logged in with cached credentials. Those will also be used to authenticate against OWA.

  If not, it's a browser thing.

   

  ---

  Michel de Rooij,
  MCITP Ent.Msg 2007+2010| MCTS W2008, Ex2007+2010 Conf, OCS2007 Conf | MCSE+Msg2k3 | MCSE+Inet2k3 | Prince2 Fnd | ITIL
  I blog on http://eightwone.wordpress.com/ and tweet on http://twitter.com/mderooij

  Tuesday, October 26, 2010 8:22 AM