Re: Passing windows credentials from server to server.

From: Wade Wegner (wwegner23_at_hotmail.com)
Date: 12/30/03

Next message: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."

Previous message: Holly Mazerolle: "Re: Access to the path is denied"
In reply to: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."
Next in thread: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."
Reply: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 30 Dec 2003 07:56:17 -0700

I would be very interested to hear your explanation, and know how to do
it -- especially if it's easily solved.

FYI - below I did specify that Server B uses windows authentication.

Thanks,

Wade

"Andrea D'Onofrio [MSFT]" <andreado@online.microsoft.com> wrote in message
news:%23yYg8OszDHA.1676@TK2MSFTNGP12.phx.gbl...
> Hi,
> can you set on server B windows authentication? If yes, you can easily
solve
> your problem by turning on impersonation in server A's web.config.
>
> HtH,
> Andrea
>
> "Wade Wegner" <wwegner23@hotmail.com> wrote in message
> news:OEOFuaKzDHA.1196@TK2MSFTNGP12.phx.gbl...
> > Hello,
> >
> > I have been desperately trying to programmatically authenticate a
windows
> > user, create their credentials, and then redirect them to a different
> server
> > while passing the credentials at the same time so that they don't have
to
> > login again.
> >
> > Specifically, I have two webservers in the same domain. When I have a
> user
> > go to Webserver A (which uses basic authentication) I programmatically
> > create either a user credential or impersonate a user context (for now
> it's
> > hardcoded, but in the future it would be entered in forms). Then, I
want
> to
> > let that user access a page on Webserver B (which uses basic
> > authentication), but I don't want them to have to login again -- rather,
I
> > want to use the user context that I programmatically created on
Webserver
> A.
> >
> > For instance, here is an example of the code I use to create the user
> > credentials:
> >
> > Dim strURI = "http://www.whatever.com"
> > Dim myCred As New NetworkCredential("userid", "password", "domain")
> > Dim myURI As New Uri(strURI)
> > Dim myCache As New CredentialCache
> > myCache.Add(myURI, "Basic", myCred)
> >
> > From this, I have attempted to use WebRequests and WebResponses to
somehow
> > allow me to direct the browser to a different page, and use the
credential
> I
> > have generated. The most I can do, however, is create the request and
> > receive the response:
> >
> > Dim myWebRequest As System.Net.WebRequest =
> > System.Net.WebRequest.Create(strURI)
> > myWebRequest.Credentials = myCache
> > Dim myWebResponse As WebResponse = myWebRequest.GetResponse()
> >
> > If only I could use the response.redirect method, and somehow pass the
> > credentials with the redirection (like you can with the webrequest), it
> > could work!
> >
> > I have also attempted to use the LogonUser API (from the advapi32.dll),
> and
> > impersonate a user based on the proper logon information -- this works,
> and
> > I'm able to successfully impersonate the user, but again, I don't know
how
> > to pass along the user context to a different page.
> >
> > I know that many people will say "just use form based authentication,"
> but
> > this will not work for me, as I want this to work with tools like
Outlook
> > Web Access, which requires windows authentication.
> >
> > Any help would be greatly appreciated. Thank you!!
> >
> > Wade
> >
> >
> >
>
>

Next message: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."

Previous message: Holly Mazerolle: "Re: Access to the path is denied"
In reply to: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."
Next in thread: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."
Reply: Andrea D'Onofrio [MSFT]: "Re: Passing windows credentials from server to server."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Passing windows credentials from server to server.
... your problem by turning on impersonation in server A's web.config. ... > while passing the credentials at the same time so that they don't have to ... > I'm able to successfully impersonate the user, but again, I don't know how ... > Web Access, which requires windows authentication. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: winnt vs. sql auth
... The biggest benefit of using Windows Authentication is the security of the ... account access, then somewhere that account information must be stored. ... the storage of this information is on the very server that is at ... login credentials are transmitted over the network in cleartext. ...
(microsoft.public.sqlserver.server)
Re: setting security
... I had to delete client project and build it again. ... I'd also tried to send credentials to web service, ... SQL Server resides on same server as web server and you are ... >> You need to set the application to use Windows authentication. ...
(microsoft.public.dotnet.framework.aspnet.webservices)
Re: RWW
... "normal" Windows Server 2003 way... ... that this worked before trying RWW in this environment. ... enable Remote Desktop first and to add to the local Remote Desktop Users ... as well as entering credentials on the FBA logon page. ...
(microsoft.public.windows.server.sbs)
Re: Sharing/Forwarding website credentials programatically
... What you are wanting is not really delegation of credentials from the portal ... can directly contact that server). ... authentication over SSL against a standard Active Directory account. ... essentially in the request-headers or URI itself. ...
(microsoft.public.inetserver.iis.security)