Re: Replacing IIS Loging Dialog with my own
From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: 07/03/03
- Next message: John McDermidt: "Multiple SSL sites on one server."
- Previous message: Vassilis Galinos: "URLSCAN makes pages with integrated authentication very slow"
- In reply to: Jerry III: "Re: Replacing IIS Loging Dialog with my own"
- Next in thread: Karl Levinson [x y] mvp: "Re: Replacing IIS Loging Dialog with my own"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 3 Jul 2003 10:21:28 -0400
... or code a web page that handles authentication, like an .ASP page that
either uses ADSI to authenticate with Windows or uses database calls to,
say, a SQL or MySQL database table or if necessary an Access database table
that contains user IDs and passwords. Searching www.google.com for some of
these keywords [especially ADSI, if you want to authenticate against Windows
accounts] should give you examples of how others have done this before.
I'm really not sure I see the advantage to discarding Basic authentication,
especially if you aren't already experienced at coding such a login page
securely. Doing it yourself is a good way to really lessen your security.
If your problem is the cost of an SSL cert to do encryption, there are ways
to do inexpensive or even free certs. Some sites with info for programming
securely include:
www.owasp.org
www.cert.org/tech_tips
http://www.cert.org/tech_tips/malicious_code_mitigation.html
http://securityadmin.info/resource.asp?category=IIS
"Jerry III" <jerryiii@hotmail.com> wrote in message
news:#4le3mTQDHA.3700@tk2msftngp13.phx.gbl...
> The only way to replace the IE authentication dialog is to write an IE
> wrapper program that would host IE and take care of the authentication
> (basically you would write your own browser and use IE to handle the HTML
> rendering).
>
> "Fred Jaw" <freddyq@iadb.org> wrote in message
> news:07d001c34119$f7547100$a301280a@phx.gbl...
> > Would somebody have an idea of how to replace the IIS
> > Login Dialog with a custom one. I could create my own and
> > disable Basic and Integrated Windows Authentication;
> > however the idea is to use the IIS Authentication for
> > security reasons.
> >
> > Thanks in advance for any tip.
>
>
- Next message: John McDermidt: "Multiple SSL sites on one server."
- Previous message: Vassilis Galinos: "URLSCAN makes pages with integrated authentication very slow"
- In reply to: Jerry III: "Re: Replacing IIS Loging Dialog with my own"
- Next in thread: Karl Levinson [x y] mvp: "Re: Replacing IIS Loging Dialog with my own"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
