Re: Single sign on in asp.net

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 09/13/05

• Next message: Mahesh: "Re: Single sign on in asp.net"
• Previous message: Mahesh Agrawal: "Re: Single sign on in asp.net"
• In reply to: Mahesh Agrawal: "Re: Single sign on in asp.net"
• Next in thread: Mahesh: "Re: Single sign on in asp.net"
• Reply: Mahesh: "Re: Single sign on in asp.net"
• Reply: Mahesh: "Re: Single sign on in asp.net"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 13 Sep 2005 10:31:09 -0700

Hello Mahesh,

yes - you first have to force IIS to do auth by unchecking anonymous.

read more here:
http://msdn.microsoft.com/msdnmag/issues/05/09/SecurityBriefs/default.aspx

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hi
>
> I have the same problem. From your discussion, I would like to know
> the steps to allow login once into the domain and then access all the
> applications you have access to:
>
> 1) Do I uncheck(disable) Anonymous and Integrated login on the
> application?
> 2) What else do i need to do so that user does not get the UI for
> login
> once he is already in the domain.
> 3) If i have 2 separate domains a)My web server is in domain 1(say)
> and Active directory and users are sitting in domain 2(say). Is there
> a way to allow single logins in this scenario, where user is logged
> onto his machine in domain 2 and he is access web application from
> domain 1 with otu ever having to type his username and password again.
> Both the domain are for the same company
>
> *** Sent via Developersdex http://www.developersdex.com ***
>

---

• Next message: Mahesh: "Re: Single sign on in asp.net"
• Previous message: Mahesh Agrawal: "Re: Single sign on in asp.net"
• In reply to: Mahesh Agrawal: "Re: Single sign on in asp.net"
• Next in thread: Mahesh: "Re: Single sign on in asp.net"
• Reply: Mahesh: "Re: Single sign on in asp.net"
• Reply: Mahesh: "Re: Single sign on in asp.net"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Securing static files ... Dominick Baier - DevelopMentor ... they are kicked back to the login page. ... The user may log in with other credentials. ... (microsoft.public.dotnet.framework.aspnet.security) Re: Securing static files ... Dominick Baier - DevelopMentor ... they are kicked back to the login page. ... The user may log in with other credentials. ... (microsoft.public.dotnet.framework.aspnet.security) Re: How to disable WinNT Login Prompt ... does the anonymous account and the worker process account have read access to all resources? ... Dominick Baier, DevelopMentor ... will auto-login, or prompt for a login, instead I get a WinNT login ... (microsoft.public.dotnet.framework.aspnet.security) Re: Role based security question ... you could do that in your login page - query the roles and do a response redirect.. ... Dominick Baier - DevelopMentor ... How can I restrict access to portions of the site unless the appropriate login is provided, but not require a login for the site as a whole? ... (microsoft.public.dotnet.framework.aspnet.security) Re: STMP Auth Failure ... >LOGIN unless the session is encrypted. ... allowing PLAIN and LOGIN SMTP AUTH is no greater risk ... (Fedora)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2005-09