Re: Single Sign On - from anywhere
- From: Dominick Baier [DevelopMentor] <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 26 Jan 2006 06:35:03 +0000 (UTC)
Hi,
what do you mean with access files, db etc - you mean via the browser interface? Are these resource local or remote to the web server
1) IE is the only browser that supports kerberos directly. There are NTLM plugins for Firefox and Mozilla, but AFAIK they don't provide seamless login (without providing credentials)
2) this could be done with NTLM or some other HTTP auth mechanism
some points:
- for delegation to work you need kerberos end to end. Only IE supports Kerberos. IIS6 (in a W2k3 functionality level domain) supports transitioning between non-delegatable protocols like NTLM to Kerberos
- you need SSL - regardless of the authentication technique
--------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com
Hi;
I think this can be done. I want to be able to do the following: 1) User hits my ASP.NET app from a browser running on Windows XP, and there is a trust relationship between the domain they are logged in as on their workstation and the domain of the server I am running on -> I get their credentials with their not having to enter a username/password and I can then open files and access a database as them. Using any browser, not just IE. 2) They or on a workgroup (not domain) or on a system without a trust relationship, or on a non-Windows O/S, they are then prompted for their username/password on the domain my server is running on and once they enter it, I get their credentials, and I never see or touch their password. And again, I can then open files & access the database as them.
Can this be done? And if so, any urls to a simple example?
.
- Follow-Ups:
- Re: Single Sign On - from anywhere
- From: David Thielen
- Re: Single Sign On - from anywhere
- Prev by Date: RE: Single Sign On - from anywhere
- Next by Date: Re: AccessMembershipProvider
- Previous by thread: RE: Single Sign On - from anywhere
- Next by thread: Re: Single Sign On - from anywhere
- Index(es):
Relevant Pages
|
|
