RE: HttpWebRequest and 401
From: Charlie Nilsson [MSFT] (CharlieNilsson_CUTOUT__at_hotmail.com)
Date: 01/29/04
- Next message: HBrothers: "Using ASPNET_SETREG.exe"
- Previous message: Steve: "Re: Network Credentials not passing in Authentication mode"
- In reply to: LinuxLivz: "HttpWebRequest and 401"
- Next in thread: LinuxLivz: "Re: HttpWebRequest and 401"
- Reply: LinuxLivz: "Re: HttpWebRequest and 401"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 29 Jan 2004 17:51:03 GMT
I think you're confusing authentication types.
Read this msdn article, "IIS Authentication" on the subject or search
online on msdn.
ms-help://MS.VSCC.2003/MS.MSDNQTR.2003FEB.1033/vsent7/html/vxconIISAuthentic
ation.htm
At some point, you will need to gather authentication information from the
user (i.e. they will have to enter a username / pwd). Why use two servers
when one will suffice?
--------------------------------------------------------------------
This reply is provided AS IS, without warranty (express or implied).
--------------------
>From: linuxlivz@yahoo.com (LinuxLivz)
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>Subject: HttpWebRequest and 401
>Date: 29 Jan 2004 06:35:21 -0800
>Organization: http://groups.google.com
>Lines: 23
>Message-ID: <a5921448.0401290635.240f1498@posting.google.com>
>NNTP-Posting-Host: 63.100.172.7
>Content-Type: text/plain; charset=ISO-8859-1
>Content-Transfer-Encoding: 8bit
>X-Trace: posting.google.com 1075386921 4534 127.0.0.1 (29 Jan 2004
14:35:21 GMT)
>X-Complaints-To: groups-abuse@google.com
>NNTP-Posting-Date: Thu, 29 Jan 2004 14:35:21 +0000 (UTC)
>Path:
cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.su
l.t-online.de!t-online.de!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!po
stnews1.google.com!not-for-mail
>Xref: cpmsftngxa07.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:8423
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
>Hello All
>Here is what I am attempting to do:
>
>I have a NTLM protected site. There are some users who are not part of
>the domain (visitors) get challenged with a Pop up dialog box
>prompting for a user id, pwd and domain.
>
>In oder to overcome this, I have setup a anonymous site (open to
>alll). Users would first hit this site contains a page with an
>instance of HttpWebRequest class. This class would make a call to the
>protected site with the user's credentials on behalf of the user. If
>the user has the correct credentials, then they would be passed to the
>protected site else they would be redirected to a login page (NOT the
>pop up dialog). In theory this appears to be a good idea to get rid of
>the po up dialog.
>
>However, I am unable to get the suers credentials on the anonymous
>site and pass it to the HttpWebRequest. If I use DefaultCredentials,
>then the site's user id and password are passed (IUSR_MACHINENAME). Is
>it possible to obtain the user credential on the anonymous site or is
>there another way to acoomplish this
>
>Thanks
>
- Next message: HBrothers: "Using ASPNET_SETREG.exe"
- Previous message: Steve: "Re: Network Credentials not passing in Authentication mode"
- In reply to: LinuxLivz: "HttpWebRequest and 401"
- Next in thread: LinuxLivz: "Re: HttpWebRequest and 401"
- Reply: LinuxLivz: "Re: HttpWebRequest and 401"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
