Re: How to Implement a Single Logon Across Multiple Web Servers

From: Leslie (leslieguo@techsemicon.com.sg)
Date: 01/08/03


From: "Leslie" <leslieguo@techsemicon.com.sg>
Date: Wed, 8 Jan 2003 17:25:00 +0800

We also got concern with Basic + SSL :-) The encryption might slow down the
request. Also, for those staff having their own pc, no prompt at all as we
use Integrated.

Regards,

Leslie

"BB" <Bernard_at_3exp.com> wrote in message
news:#a8#TrstCHA.1776@TK2MSFTNGP10...
> Basic + SSL should serve your security reason.
>
> Rgds.
>
> "Leslie" <leslieguo@techsemicon.com.sg> wrote in message
> news:uPFGoostCHA.2596@TK2MSFTNGP12...
> > We need to use Integrated for security reason.
> >
> > "Karl Levinson [x y] mvp" <levinson_k@excite.com> wrote in message
> > news:OxxmvMmtCHA.1632@TK2MSFTNGP12...
> > > Is there any reason why Windows integrated is being used instead of
> Basic?
> > > It seems to me switching to basic would fix the problem.
> > >
> > > If Windows integrated was chosen because Basic passes passwords in
plain
> > > text, I'm not sure Windows integrated is necessarily that much more
> > secure,
> > > depending on how your computers are set up and whether they are using
> the
> > > default settings.
> > >
> > > I would think the code in that Microsoft article would still work...
you
> > > might need to change the variable names, possibly, not sure.
> > >
> > >
> > > "Leslie" <leslieguo@techsemicon.com.sg> wrote in message
> > > news:OdVD2FltCHA.2396@TK2MSFTNGP10...
> > > > Current Situation
> > > > 1. In our Intranet environment, all common pc are log on as id xxxx
> who
> > > are
> > > > belong to group A.
> > > > 2. Group A has no access to all intranet websites. e.g.
(iss.test.com
> ,
> > > > hr.test.com, etc)
> > > > 3. So when user using common pc to access iss.test.com, they are
> > prompted
> > > to
> > > > key in their own id & password for the first time, subsequent access
> to
> > > the
> > > > same website will not be prompted again. But if they access another
> > > website,
> > > > say hr.test.com, they will be prompted again even in the same IE
> > instance.
> > > >
> > > > Question :
> > > > How to make it prompt once for all the websites ? How to
> programatically
> > > > access the website so that the credential will be cached at IE ? We
> are
> > > > using IIS 5 Integrated authentication.
> > > >
> > > > (Microsoft has solution if basic authentication is used. See their
> > > Knowledge
> > > > Base article.
> > > > PSS ID Number: Q281408
> > > > How to Implement a Single Logon Across Multiple Web Servers)
> > > >
> > > >
> > >
> > >
> >
> >
>



Relevant Pages

  • Re: How to Implement a Single Logon Across Multiple Web Servers
    ... Integrated authentication is any faster or more secure than Basic with SSL? ... Also, for those staff having their own pc, no prompt at all as we ... >>> We need to use Integrated for security reason. ...
    (microsoft.public.inetserver.iis.security)
  • Re: How to Implement a Single Logon Across Multiple Web Servers
    ... We need to use Integrated for security reason. ... >> same website will not be prompted again. ... >> How to make it prompt once for all the websites? ... >> using IIS 5 Integrated authentication. ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS4 --> Common Name??
    ... And you can't use host headers and SSL. ... if not you will be prompt ... > I am at a lost, could someone please explain this to me, before I get the ... > I completely do not understand, and more time evaluating the product? ...
    (microsoft.public.inetserver.iis.security)
  • Re: SSL versus logon
    ... prompt http://freeweb.siol.net/mpihler/certnottrusted.jpg -- this prompt is ... do I really want to use SSL with untrusted certificate. ... >> logon procedure? ...
    (microsoft.public.windows.server.general)
  • Re: Password is cancelled
    ... presented with another password prompt. ... >basic authentication over SSL. ... >behavior to browsing to a Windows-based local network. ...
    (microsoft.public.inetserver.iis.security)