Passing windows credentials from server to server.

• Previous message: Robert: "user account "asp.net machine a...""
• Next in thread: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."
• Reply: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 27 Dec 2003 11:24:32 -0700

Hello,

I have been desperately trying to programmatically authenticate a windows
user, create their credentials, and then redirect them to a different server
while passing the credentials at the same time so that they don't have to
login again.

Specifically, I have two webservers in the same domain. When I have a user
go to Webserver A (which uses basic authentication) I programmatically
create either a user credential or impersonate a user context (for now it's
hardcoded, but in the future it would be entered in forms). Then, I want to
let that user access a page on Webserver B (which uses basic
authentication), but I don't want them to have to login again -- rather, I
want to use the user context that I programmatically created on Webserver A.

For instance, here is an example of the code I use to create the user
credentials:

    Dim strURI = "http://www.whatever.com"
    Dim myCred As New NetworkCredential("userid", "password", "domain")
    Dim myURI As New Uri(strURI)
    Dim myCache As New CredentialCache
    myCache.Add(myURI, "Basic", myCred)

>From this, I have attempted to use WebRequests and WebResponses to somehow
allow me to direct the browser to a different page, and use the credential I
have generated. The most I can do, however, is create the request and
receive the response:

    Dim myWebRequest As System.Net.WebRequest =
System.Net.WebRequest.Create(strURI)
    myWebRequest.Credentials = myCache
    Dim myWebResponse As WebResponse = myWebRequest.GetResponse()

If only I could use the response.redirect method, and somehow pass the
credentials with the redirection (like you can with the webrequest), it
could work!

I have also attempted to use the LogonUser API (from the advapi32.dll), and
impersonate a user based on the proper logon information -- this works, and
I'm able to successfully impersonate the user, but again, I don't know how
to pass along the user context to a different page.

I know that many people will say "just use form based authentication," but
this will not work for me, as I want this to work with tools like Outlook
Web Access, which requires windows authentication.

Any help would be greatly appreciated. Thank you!!

Wade

• Previous message: Robert: "user account "asp.net machine a...""
• Next in thread: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."
• Reply: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]