Re: Pass credentials from one web site to another for seamless login

From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 06/25/04 

Date: Thu, 24 Jun 2004 23:49:33 -0500

What sort of authentication mechanism does the other site provide? Does it
have a login screen or does it pop up a dialog in the brower?

If it has a login screen, then in order to create an authenticated session
with them, you are going to have to write some code (probably with
HttpWebRequest) to do a form post to their login page. If they use a
dialog, then you can probably authenticate with them using the appropriate
header values (depending on how they authenticate).

Joe K.

"TS" <manofsteele@311.com> wrote in message
news:eXjHfEgWEHA.712@TK2MSFTNGP11.phx.gbl...
> I have a partner company that has a web site that I need to gain access
> through the web site in my company. I need to be able to log into my site
> and then have somekind of way to then access this other site that also
> requires a login in a way that allows me to pass a set of credentials to
> this other site which uses those credentials to log me in so that I don't
> have to log in again. The credentials that I want to pass would be a
> predetermined set of credentials based on the credentials used to login to
> my site; one for read only or one for admin priveledges.
>
> I am using windows authentication on my web site, and the other site is
> using session authentication using Java and Cold Fusion. The sites are on
> different networks at 2 separate companies.
>
> I figure what I can do is pass credentials to one of their web pages that
> creates a session for the browser, and authorizes this session as READ
ONLY
> or Admin and then will redirect to the appropriate place on their site.
>
> Does this sound good or do I need to do something else?
>
> If I use this approach, what are my options to pass these credentials?
>
> thanks!
>
>

Relevant Pages

  • Re: Securing static files
    ... It's not the session - it's the authentication timeout - you can set the timeout in the element in web.config. ... they are kicked back to the login page. ... The user may log in with other credentials. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: IE asks to authenticate; User and workstations are domain memb
    ... settings) then the default "Automatic Login in Intranet" comes into place. ... credentials that are identical to their interactive Windows session, ... I've tried to change Authentication Providers ...
    (microsoft.public.sharepoint.portalserver)
  • Re: HTTP_REFERER question
    ... there are clients that do not sent HTTP_REFERER. ... doing an authentication based on ... > On our web site we allow our members access to features hosted by another ... When our users login to go to the other site, ...
    (microsoft.public.inetserver.asp.general)
  • Re: Outlook Web Access Problem
    ... users providing NTLM credentials. ... If you only have one web site, the Default Web Site, you would want to make ... I have checked authentication scheme and it is: ... > Basic authentication and windows integration. ...
    (microsoft.public.exchange.misc)
  • Re: Getting Logged in Windows user name
    ... I think you are going to need to provide some sort of login facility in your ... don't see how you could get the credentials the user used to sign in to IIS. ... To do the actual authentication, perhaps you can just stick a web service on ...
    (microsoft.public.dotnet.security)