Re: Web Authentication using Active Directory
From: Steve T. (anonymous_at_discussions.microsoft.com)
Date: 02/25/04
- Next message: rlim: "Giving developer rights to access IIS 5.0"
- Previous message: Gonenc Ercan: "Re: Anonymous Access"
- In reply to: Gonenc Ercan: "Re: Web Authentication using Active Directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 25 Feb 2004 12:36:12 -0800
I am using a stand alone active directory for a user database and group management since this server has pages dynamically created depending on what group membership this person has. This server was created orignally by someone else that was part of a corp domain and I made it stand alone since I don't want clients accessing our internal domain, just this one. This site serves both internal employees and clients (the internal employees have more features since they are members of more groups).
As far as integrated login page, I wanted to use the actual login the site instead of using session variables - since each area checks the group membership by the use of winnt://xxxxx command. - if they are not a member, it returns an error message saying user is not authorized to use this function.
Thanks,
Steve T.
----- Gonenc Ercan wrote: -----
I dont really get the idea of having a stand alone active directory, are you
just using it as a database? You dont have a domain?
Anyways I think i got an idea. Just have integrated authentication in your
login page. For the other pages check the Anonymous Access (I am asuming
that you are using ASP scripts). after authenticating the user set some
session variables (maybe the identity of the user if you need it) indicating
that the user is already authenticated and check for the presence of these
session variables to see if the user authenticated itself.
"Steve T." <anonymous@discussions.microsoft.com> wrote in message
news:08D132A7-7015-4D75-BF7A-841423166521@microsoft.com...
> I don't plan on opening any ports up outside the firewall - only using
port 80 by the use of a VLAN. So basically the only way to do this is
through a pop up box that authenticates clients ? I thought there would be
an easier method in doing this without pop up boxes.
> Thanks,
> Steve T.
>> ----- Keith W. McCammon wrote: -----
>> The number one reason that this isn't done is because it essentially
> requires LAN-style communication between the client and the server.
And
> I'll be damned if I've ever meet anyone that wanted to open up the
entire
> host of Windows authentication ports on their web server to the
outside
> world.
>> Systems like Passport (I'm not advocating Passport, just using the
model as
> an example) are the optimal way to get around this. People are going
to
> have to authenticate themselves to your site--you should want them to
do
> this. And by using a well designed application, they'll only have to
do it
> once, which is about as good as it gets.
>> "Steve T." <anonymous@discussions.microsoft.com> wrote in message
> news:316FD5A2-552B-4290-B3AB-8F380B85B884@microsoft.com...
>> I have been trying to figure out what is the best solution for
setting up
> a client portal where they can log into a web page on IIS5 (not using
> ASP.NET) instead of using the annoying pop up box to authenticate
with
> Active Directory User Accounts and be able to go anywhere on the site
> without the box popping up. I was successful in authenticating the
> password via login page, but when I try to go anywhere else, the
annoying
> box pops up asking for my user id. The server is a stand alone
domain
> controller using Active Directory.
>>> Any advice to direct me - even an URL would be ideal - I have
searched
> hundreds of articles but all of them fail to tell me what to do. I
don't
> want to do a scenario where it changes the password to the same
password -
> should there be a better solution to this?
>>> Thanks,
>> Steve T.
>>>
- Next message: rlim: "Giving developer rights to access IIS 5.0"
- Previous message: Gonenc Ercan: "Re: Anonymous Access"
- In reply to: Gonenc Ercan: "Re: Web Authentication using Active Directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
