Form authentication via LogonUser does not pass credentials to ifr
From: Andrew van der Stock (Stock_at_discussions.microsoft.com)
Date: 07/22/04
- Previous message: uttara: "basic authentication"
- Next in thread: Vin McLellan: "Re: Form authentication via LogonUser does not pass credentials to ifr"
- Reply: Vin McLellan: "Re: Form authentication via LogonUser does not pass credentials to ifr"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 21 Jul 2004 17:23:01 -0700
Hi there,
we are trying to use a web form to authenticate users against Active Directory on .NET 1.1 running under Windows 2003.
The authentication using LogonUser works just fine, and we can assert things like
if ( Context.User.Identity.IsAuthenticated )
{ do stuff }
on another page after returning from the logon page as defined in web.config. So far, so good.
However, when we try to include an iframe, the credentials the user has signed in do not pass to the iframe. It might be easier to describe what I am trying to do, as there may be a better way.
We are trying to allow Internet users to authenticate via SecurID to AD protected resources inside the client's network. We have tried various approaches, including RSA ClearTrust, but for various reasons, this didn't work. The network is like this:
browser -> Internet -> Checkpoint -> ISA Server web publishing rule integrated with RSA SecurID (FP1) -> myADauth page -> iframe to resource
We have modified the SecurID login pages on the ISA server to include a password, which is not used by SecurID authentication, but passes it on using a post to the logon page in my app after SecurID authentication. This works.
Once the post has completed with a correct credential, we are authenticated, and the iframe attempts to load. However, the Sharepoint or OWA resource within the iframe presents a basic digest logon request.
The iframe is using a URL that is also published by ISA web publishing rules, so essentially there is no reverse proxy issue. The only issue is that we cannot provide cross-site authentication, and we would like to.
Any clues gratefully received,
Andrew van der Stock
- Previous message: uttara: "basic authentication"
- Next in thread: Vin McLellan: "Re: Form authentication via LogonUser does not pass credentials to ifr"
- Reply: Vin McLellan: "Re: Form authentication via LogonUser does not pass credentials to ifr"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
