Re: Web Authentication using Active Directory

From: Keith W. McCammon (km_at_km.com)
Date: 02/25/04

• Next message: Akash Kava: "JspISAPI - Run Jsp Through IIS with SSL and NTLM"
• Previous message: mick2767_at_hotmail.com: "IIS 4.0 NT OWA -STRANGE!! PLEASE HELP"
• In reply to: Steve T.: "Web Authentication using Active Directory"
• Next in thread: Steve T.: "Re: Web Authentication using Active Directory"
• Reply: Steve T.: "Re: Web Authentication using Active Directory"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 25 Feb 2004 14:28:56 -0500

The number one reason that this isn't done is because it essentially
requires LAN-style communication between the client and the server. And
I'll be damned if I've ever meet anyone that wanted to open up the entire
host of Windows authentication ports on their web server to the outside
world.

Systems like Passport (I'm not advocating Passport, just using the model as
an example) are the optimal way to get around this. People are going to
have to authenticate themselves to your site--you should want them to do
this. And by using a well designed application, they'll only have to do it
once, which is about as good as it gets.

"Steve T." <anonymous@discussions.microsoft.com> wrote in message
news:316FD5A2-552B-4290-B3AB-8F380B85B884@microsoft.com...
> I have been trying to figure out what is the best solution for setting up
a client portal where they can log into a web page on IIS5 (not using
ASP.NET) instead of using the annoying pop up box to authenticate with
Active Directory User Accounts and be able to go anywhere on the site
without the box popping up. I was successful in authenticating the
password via login page, but when I try to go anywhere else, the annoying
box pops up asking for my user id. The server is a stand alone domain
controller using Active Directory.
>
> Any advice to direct me - even an URL would be ideal - I have searched
hundreds of articles but all of them fail to tell me what to do. I don't
want to do a scenario where it changes the password to the same password -
should there be a better solution to this?
>
> Thanks,
> Steve T.

---

• Next message: Akash Kava: "JspISAPI - Run Jsp Through IIS with SSL and NTLM"
• Previous message: mick2767_at_hotmail.com: "IIS 4.0 NT OWA -STRANGE!! PLEASE HELP"
• In reply to: Steve T.: "Web Authentication using Active Directory"
• Next in thread: Steve T.: "Re: Web Authentication using Active Directory"
• Reply: Steve T.: "Re: Web Authentication using Active Directory"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Java GSS/Kerberos issue - Autheticating server ... I can authenticate as that particular principal in the client portion of the ... I have a server and a client portion of code that pass GSS-wrapped kerberos ... Client authenticates to kerberos server and logs in, ... (comp.protocols.kerberos) SSL - Different procedures to authenticate Server and Client ... Why in SSL the procedure to authenticate the Client (see ... below) is not the same to authenticate the Server (see ... the public key in the certificate. ... (Security-Basics) Re: 2003 server in a NT4 Domain. ... > network drive was created on the client. ... > domain and was able to see the shared resources on the 2003 server. ... Separate "See" as in browse from Authenticate. ... >>Report exact error messages. ... (microsoft.public.win2000.active_directory) Re: Postfix + Auth + SSL + pop3s/imaps ... users to authenticate can run unprivileged and request saslauthd to ... Otherwise the server must run as root in order to access ... would a mail server that uses port ... and client will exchange keys and an encrypted session is initiated. ... (freebsd-questions) Re: Java GSS/Kerberos issue - Autheticating server ... Client authenticates to kerberos server and logs in, ... Generates a login context and tries to authenticate against the ... (comp.protocols.kerberos)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)