Re: Silent Authentication

The best way to do this would be to create a second site to the same
content. That's the way SharePoint deals with the same type of problem.
You might be able to do something by having only the first page request
authentication and then on failure directing the browser to a second page
that does not require authentication, but I haven't tried it. You would
enable WIA and Anon on the whole site, then only on the first page change
the ntfs file permissions to allow only your AD users. If you have set their
browsers up with the right settings they will auto logon, but others will
fail and go on to the second page and to the rest of the site.
Anthony
http://www.airdesk.co.uk






<atemwende@xxxxxxxxx> wrote in message
news:1178914764.319997.192430@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I am designing an intranet site. All content is unprotected - anybody
on the intranet should be able to see everything. There is a
requirement to provide silent authentication against corporate Active
Directory whenever possible; in other words, when a user navigates to
the home page, we want to read some data from AD and provide
personalization if possible; however, if a visitor comes without AD
credentials (e.g. using a browser on a UNIX box not integrated with
AD), we would still authorize access and provide default user
experience. Under no circumstances should a user be prompted to log
in.

I need to have anonymous access enabled to allow for search engines to
"spider" this site, allow access for people who can't authenticate
with Windows Authentication, and avoid breaking other sites that
connect to the content of this site.

Basic Authentication seems like a perfect solution, but it forces a
logon dialogue for Firefox users (IE seems to do what I would like -
automatically replies to the challenge in the WWW-Authenticate header
of 401 response).

It seems like there should be a way to accomplish what I want. Please,
help.



.

Relevant Pages

  • Re: Substituting new Context.User.Identity for Authentication in SPS 2003
    ... MS SharePoint Portal Server does not perform authentication. ... MS SPS does perform authorization based on a Windows account presented ... Since SPS is accessed via a browser, ...
    (microsoft.public.sharepoint.portalserver.development)
  • Re: Soymail not working with WASD
    ... A 404 can also indicate the server account does not have permission to access the file entry in the parent directory and therefore does not 'see' it during the directory search. ... Once authentication is going I suspect we may be back to analysing the originally reported 404 error. ... WATCH is a tool that if it doesn't indicate exactly the reason for any given server behaviour usually provides a very good hint. ... which should provide you with a browser username/password dialog box requesting authentication for "SKELKEY". ...
    (comp.os.vms)
  • Re: ASP and NTFS
    ... If you are using a HTTP based authentication mechanism (eg NTLM, Basic, ... then the browser needs to send the appropriate credentials in ... > be able to redirect with the user name and password they already ...
    (microsoft.public.inetserver.iis.security)
  • Re: Forms Based Authentication and the OpenWave Browsers
    ... Try taking this redirect out of the try...catch; ... > Authentication in cookie enabled WAP browsers. ... > Samsung Browser, Forms Authentication and RedirectFromLoginPage - This is ... > Open Wave Browser and Cookies - While regression testing my new change, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: IIS Log Files logs 401 HTTP Codes
    ... the browser makes requests assuming no authentication is ... Suppose the browser makes an anonymous request to a server that REQUIRES ...
    (microsoft.public.inetserver.iis.security)