IFrame authentication

From: Arno Richard (ArnoRichard_at_discussions.microsoft.com)
Date: 10/21/04 

Date: Thu, 21 Oct 2004 05:05:08 -0700

dear community,

I'm creating a .Net web portal application that will host other web
applications. This is a C# web app with .Net Framework 1.1 SP1, running on
Windows 2003 servers. These other applications may require authentication or
not, and I may have control (=source code) over these applications or not.

These applications will be such as a Windows Sharepoint Services site, an
other web application in the same domain, or a 3rd party application on an
external domain requiring Basic authentication.
The web portal will work using forms authentication, and it will manage the
users from start to end; I mean, it will know the username & password for a
user for all the application he/she will need to access: Windows account for
Sharepoint, etc.

The idea is to have the 'hosted' application running in a IFrame, so that I
can keep my portal navigation around it.

The problem is how to automatically authenticate the user on the targetted
application, running in the IFrame. For basic authentication it used to be
possible to use the http://username:password@site.address.tldn, but that no
longer works as this has been patched away in IE6.

For a better user experience, I want to seamlessly authenticate my users
across all applications.... and can't get round to do it, and I'm wondering
now if that's possible at all, especially for the applications that I do not
control; a shame since I fully know the login credentials!

I've searched the various newsgroups, and there seems to be a lot of similar
request but couldn't find, or understand, a reply to my exact problem.

Can anybody help??? Thanks!

Best regards,
Arnaud Richard

Relevant Pages

  • Re: Need resources for SQL Server 2000 Application Roles with ASP.NET apps
    ... I have also not worked with web applications that require Windows domain ... account authentication. ... information would be authenticated at SQL Server (which uses Windows ...
    (microsoft.public.sqlserver.security)
  • Digest authentication for Windows domain servers - Active directory
    ... Our production apps running on Windows 2003 Server and most of our ... Applications are authenticated agains Active Directory. ... at Digest requires a Username and Password" ... Edit they need to provide the authentication information). ...
    (microsoft.public.inetserver.iis.security)
  • RE: FormsAuthentication ReturnUrl - need it to be Absolute
    ... I understand you have multiple ASP.NET applications ... which are using forms authentication to protect the application. ... the forms authentication cookie across multiple applications, ... If the forms authentication cross site support doesn't suit your scenario. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: security policy for many users
    ... You could write a common class, shared via assembly throughout all the apps ... For the Windows auth, why not force a minimum password? ... > We're running about 12 different ASP.NET applications. ... > 4 of these applications require authentication. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: IFrame authentication
    ... "Arno Richard" wrote: ... > Windows 2003 servers. ... and I may have control over these applications or not. ... > external domain requiring Basic authentication. ...
    (microsoft.public.dotnet.framework.aspnet.security)
Quantcast