Re: Web Authentication using Active Directory
From: Gonenc Ercan (gonence_at_superonline.com)
Date: 02/25/04
- Next message: Gonenc Ercan: "Re: Anonymous Access"
- Previous message: Charles: "Re: IIS Snap-in and Lockdown tool"
- In reply to: Steve T.: "Re: Web Authentication using Active Directory"
- Next in thread: Steve T.: "Re: Web Authentication using Active Directory"
- Reply: Steve T.: "Re: Web Authentication using Active Directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 25 Feb 2004 22:15:52 +0200
I dont really get the idea of having a stand alone active directory, are you
just using it as a database? You dont have a domain?
Anyways I think i got an idea. Just have integrated authentication in your
login page. For the other pages check the Anonymous Access (I am asuming
that you are using ASP scripts). after authenticating the user set some
session variables (maybe the identity of the user if you need it) indicating
that the user is already authenticated and check for the presence of these
session variables to see if the user authenticated itself.
"Steve T." <anonymous@discussions.microsoft.com> wrote in message
news:08D132A7-7015-4D75-BF7A-841423166521@microsoft.com...
> I don't plan on opening any ports up outside the firewall - only using
port 80 by the use of a VLAN. So basically the only way to do this is
through a pop up box that authenticates clients ? I thought there would be
an easier method in doing this without pop up boxes.
> Thanks,
> Steve T.
>
> ----- Keith W. McCammon wrote: -----
>
> The number one reason that this isn't done is because it essentially
> requires LAN-style communication between the client and the server.
And
> I'll be damned if I've ever meet anyone that wanted to open up the
entire
> host of Windows authentication ports on their web server to the
outside
> world.
>
> Systems like Passport (I'm not advocating Passport, just using the
model as
> an example) are the optimal way to get around this. People are going
to
> have to authenticate themselves to your site--you should want them to
do
> this. And by using a well designed application, they'll only have to
do it
> once, which is about as good as it gets.
>
> "Steve T." <anonymous@discussions.microsoft.com> wrote in message
> news:316FD5A2-552B-4290-B3AB-8F380B85B884@microsoft.com...
> > I have been trying to figure out what is the best solution for
setting up
> a client portal where they can log into a web page on IIS5 (not using
> ASP.NET) instead of using the annoying pop up box to authenticate
with
> Active Directory User Accounts and be able to go anywhere on the site
> without the box popping up. I was successful in authenticating the
> password via login page, but when I try to go anywhere else, the
annoying
> box pops up asking for my user id. The server is a stand alone
domain
> controller using Active Directory.
> >> Any advice to direct me - even an URL would be ideal - I have
searched
> hundreds of articles but all of them fail to tell me what to do. I
don't
> want to do a scenario where it changes the password to the same
password -
> should there be a better solution to this?
> >> Thanks,
> > Steve T.
>
>
>
- Next message: Gonenc Ercan: "Re: Anonymous Access"
- Previous message: Charles: "Re: IIS Snap-in and Lockdown tool"
- In reply to: Steve T.: "Re: Web Authentication using Active Directory"
- Next in thread: Steve T.: "Re: Web Authentication using Active Directory"
- Reply: Steve T.: "Re: Web Authentication using Active Directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
