Going from anonymous security to Windows Security in an ASP.NET application



Hi,

I have the following problem:

1) We have to validate users on an anonymous/public-website using a custom
login page.

2) From this login page we redirect them to an extranet site, which shows
them SharePoint information, etc. e.g. from this point on their web requests
should be performed with their impersonated identities, not as anonymous
users. The extranet site uses Windows Integrated Security, while the "main
site" uses anonymous logins.

For them to use the SharePoint functionality we need to impersonate a
Windows user that has the correct access to SharePoint. I have gotten so
far as to do the impersonation:

imp = New ImpersonationWrapper
imp.ImpersonateUser("username", "password", "domain")
Me.Context.User = New System.Security.Principal.WindowsPrincipal(imp.NewId)
Me.Cache.Add("W", Me.Context.User, Nothing, DateTime.MaxValue, _
             New TimeSpan(0, 10, 0), CacheItemPriority.High, Nothing)


This sets the request context to the correct Windows user, using a small
wrapper class around the Win32 LogonUser() API. I can now cache the
IPrincipal and set the context in each form_load() from this point on:

Me.Context.User = CType(Me.Cache("W"), IPrincipal)

My problem is that when I, for example, load the SharePoint page in an
IFRAME on the page, it is not using my impersonated user because the
SharePoint page is located in another web application or something?!?!

Do any of you have a good approach for doing this?!

Thanks in advance!

Michael
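
Added example (not part of the original post, and not the poster's ImpersonationWrapper): the ASP.NET Cache is shared by every visitor of the application, so a principal stored under the fixed key "W" is handed to whichever visitor loads a page next. The sketch below keeps the principal in the visitor's own Session instead. The class name SessionPrincipal, the session key and the interactive logon type are assumptions, and session state must be enabled.

```vb
Imports System
Imports System.ComponentModel
Imports System.Runtime.InteropServices
Imports System.Security.Principal
Imports System.Web

' Hypothetical helper for illustration; names here are not from the original post.
Public NotInheritable Class SessionPrincipal
    Private Const LOGON32_LOGON_INTERACTIVE As Integer = 2   ' assumed logon type
    Private Const LOGON32_PROVIDER_DEFAULT As Integer = 0
    Private Const SessionKey As String = "WindowsPrincipal"  ' assumed key name

    <DllImport("advapi32.dll", SetLastError:=True, CharSet:=CharSet.Unicode)> _
    Private Shared Function LogonUser(ByVal user As String, ByVal domain As String, _
        ByVal password As String, ByVal logonType As Integer, _
        ByVal provider As Integer, ByRef token As IntPtr) As Boolean
    End Function

    <DllImport("kernel32.dll", SetLastError:=True)> _
    Private Shared Function CloseHandle(ByVal handle As IntPtr) As Boolean
    End Function

    ' Call once from the login page after the custom credential check.
    Public Shared Sub SignIn(ByVal ctx As HttpContext, ByVal user As String, _
                             ByVal domain As String, ByVal password As String)
        Dim token As IntPtr = IntPtr.Zero
        If Not LogonUser(user, domain, password, LOGON32_LOGON_INTERACTIVE, _
                         LOGON32_PROVIDER_DEFAULT, token) Then
            Throw New Win32Exception(Marshal.GetLastWin32Error())
        End If
        Try
            ' WindowsIdentity duplicates the token, so the raw handle is closed below.
            Dim principal As New WindowsPrincipal(New WindowsIdentity(token))
            ctx.Session(SessionKey) = principal   ' per visitor, unlike Cache("W")
            ctx.User = principal
        Finally
            CloseHandle(token)
        End Try
    End Sub

    ' Call from each page's Load handler; returns False when nobody is signed in.
    Public Shared Function Restore(ByVal ctx As HttpContext) As Boolean
        Dim principal As IPrincipal = TryCast(ctx.Session(SessionKey), IPrincipal)
        If principal Is Nothing Then Return False
        ctx.User = principal
        Return True
    End Function
End Class
```

Setting Context.User this way only affects requests handled by this application; a page the browser loads in an IFRAME from another web application arrives there as a separate request.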

