Authentication between two sites...

TheMSsForum.com: The Microsoft Software Forum

Hi,

I have a website on the LAN running ASP and for software reasons, there
needs to be two websites. One of the pages redirects to the other website to
run the script and then back to the main site.

I need Windows Authentication for security but I would like the user to have
to authenticate only once, rather than three times.

Is there anyway to carry the user credentials over from the first
authenticated session in the browser?

ta!
Top

Re: Authentication between two sites... by paul_lynch67

paul_lynch67
Fri Jul 11 14:58:12 CDT 2003

Hello,

According to this article you can only achieve this with Kerberos.
NTLM authentication is limited in that :

"Also, Windows NT Challenge/Response does not support double-hop
impersonations (meaning that once passed to the IIS server, the same
credentials cannot be passed to a back-end server for authentication,
for example, when IIS uses Windows NT Challenge/Response, it cannot
then authenticate the user against a SQL Server database on another
computer by using SQL Integrated security)."

INFO: How IIS Authenticates Browser Clients
http://support.microsoft.com/?id=264921

Regards,

Paul Lynch
MCSE


"wrk" <wrk@wrk.com> wrote in message news:<uBhdyC6RDHA.304@tk2msftngp13.phx.gbl>...
> Hi,
>
> I have a website on the LAN running ASP and for software reasons, there
> needs to be two websites. One of the pages redirects to the other website to
> run the script and then back to the main site.
>
> I need Windows Authentication for security but I would like the user to have
> to authenticate only once, rather than three times.
>
> Is there anyway to carry the user credentials over from the first
> authenticated session in the browser?
>
> ta!
Top

Re: Authentication between two sites... by wrk

wrk
Fri Jul 11 17:21:21 CDT 2003

Paul, I will check this out (reality) and post back on this thread ;-)

"Paul Lynch" <paul_lynch67@hotmail.com> wrote in message
news:96f970c7.0307111158.59590bce@posting.google.com...
> Hello,
>
> According to this article you can only achieve this with Kerberos.
> NTLM authentication is limited in that :
>
> "Also, Windows NT Challenge/Response does not support double-hop
> impersonations (meaning that once passed to the IIS server, the same
> credentials cannot be passed to a back-end server for authentication,
> for example, when IIS uses Windows NT Challenge/Response, it cannot
> then authenticate the user against a SQL Server database on another
> computer by using SQL Integrated security)."
>
> INFO: How IIS Authenticates Browser Clients
> http://support.microsoft.com/?id=264921
>
> Regards,
>
> Paul Lynch
> MCSE
>
>
> "wrk" <wrk@wrk.com> wrote in message
news:<uBhdyC6RDHA.304@tk2msftngp13.phx.gbl>...
> > Hi,
> >
> > I have a website on the LAN running ASP and for software reasons, there
> > needs to be two websites. One of the pages redirects to the other
website to
> > run the script and then back to the main site.
> >
> > I need Windows Authentication for security but I would like the user to
have
> > to authenticate only once, rather than three times.
> >
> > Is there anyway to carry the user credentials over from the first
> > authenticated session in the browser?
> >
> > ta!


Top