Return credentials with anonymous authentication?

Discussion in 'ASP .Net Security' started by Shimon Facterman, Aug 23, 2004.

  1. Hi all,

    This is my Scenario:
    Have a login page in Application 1 with Anoynoumous authentication.
    Using this login page I would like to receive credentials from Active
    Directory (using Directoryservices I assume),
    and somehow return them back to the client browser as if I made login in a
    Windows authenticated application.

    I need this because if login is successfull I need to redirect user to
    Application 2 which is under Windows authentication security and I don't
    want the login popup to appear (e.q the user to login again).

    Is this possible?
     
    Shimon Facterman, Aug 23, 2004
    #1
    1. Advertising

  2. Shimon Facterman

    Raterus Guest

    If I understand you correctly, this cannot be done. There is no way a webserver can pass Internet Explorer the credentials it now should use in place of its current credentials. It sounds like though that if you start Internet Explorer using the "Run As" command, you should be able to change the credentials to something other than the currently logged on user. To start using "Run As" you have to be running 2000+, find the iexplore.exe file, right click (you need to hold "shift" in windows 2000), select "Run As...", enter the new credentials, and browse to Application 2.

    Hope this helps,
    --Michael

    "Shimon Facterman" <> wrote in message news:%23Js2T$...
    > Hi all,
    >
    > This is my Scenario:
    > Have a login page in Application 1 with Anoynoumous authentication.
    > Using this login page I would like to receive credentials from Active
    > Directory (using Directoryservices I assume),
    > and somehow return them back to the client browser as if I made login in a
    > Windows authenticated application.
    >
    > I need this because if login is successfull I need to redirect user to
    > Application 2 which is under Windows authentication security and I don't
    > want the login popup to appear (e.q the user to login again).
    >
    > Is this possible?
    >
    >
     
    Raterus, Aug 23, 2004
    #2
    1. Advertising

  3. Maybe my definition was wrong.
    what I really need as the ability to get authenticated to active directory
    through custom login page in an anonymous authentication site as if
    I was now authenticating in an windows authentication site (with the gray
    username/password popup window).
    This way if i will ne next navigation to real windows authentication site I
    will no longer be needing to get authenticated again.

    Hope that is clearer now.

    "Raterus" <> wrote in message
    news:#cw#...
    If I understand you correctly, this cannot be done. There is no way a
    webserver can pass Internet Explorer the credentials it now should use in
    place of its current credentials. It sounds like though that if you start
    Internet Explorer using the "Run As" command, you should be able to change
    the credentials to something other than the currently logged on user. To
    start using "Run As" you have to be running 2000+, find the iexplore.exe
    file, right click (you need to hold "shift" in windows 2000), select "Run
    As...", enter the new credentials, and browse to Application 2.

    Hope this helps,
    --Michael

    "Shimon Facterman" <> wrote in message
    news:%23Js2T$...
    > Hi all,
    >
    > This is my Scenario:
    > Have a login page in Application 1 with Anoynoumous authentication.
    > Using this login page I would like to receive credentials from Active
    > Directory (using Directoryservices I assume),
    > and somehow return them back to the client browser as if I made login in a
    > Windows authenticated application.
    >
    > I need this because if login is successfull I need to redirect user to
    > Application 2 which is under Windows authentication security and I don't
    > want the login popup to appear (e.q the user to login again).
    >
    > Is this possible?
    >
    >
     
    Shimon Facterman, Aug 24, 2004
    #3
  4. Shimon Facterman

    Raterus Guest

    I'm sorry, but what you wrote only confused me more, can you try to explain it again with different terms?

    "Shimon Facterman" <> wrote in message news:OlpXc%...
    > Maybe my definition was wrong.
    > what I really need as the ability to get authenticated to active directory
    > through custom login page in an anonymous authentication site as if
    > I was now authenticating in an windows authentication site (with the gray
    > username/password popup window).
    > This way if i will ne next navigation to real windows authentication site I
    > will no longer be needing to get authenticated again.
    >
    > Hope that is clearer now.
    >
    > "Raterus" <> wrote in message
    > news:#cw#...
    > If I understand you correctly, this cannot be done. There is no way a
    > webserver can pass Internet Explorer the credentials it now should use in
    > place of its current credentials. It sounds like though that if you start
    > Internet Explorer using the "Run As" command, you should be able to change
    > the credentials to something other than the currently logged on user. To
    > start using "Run As" you have to be running 2000+, find the iexplore.exe
    > file, right click (you need to hold "shift" in windows 2000), select "Run
    > As...", enter the new credentials, and browse to Application 2.
    >
    > Hope this helps,
    > --Michael
    >
    > "Shimon Facterman" <> wrote in message
    > news:%23Js2T$...
    > > Hi all,
    > >
    > > This is my Scenario:
    > > Have a login page in Application 1 with Anoynoumous authentication.
    > > Using this login page I would like to receive credentials from Active
    > > Directory (using Directoryservices I assume),
    > > and somehow return them back to the client browser as if I made login in a
    > > Windows authenticated application.
    > >
    > > I need this because if login is successfull I need to redirect user to
    > > Application 2 which is under Windows authentication security and I don't
    > > want the login popup to appear (e.q the user to login again).
    > >
    > > Is this possible?
    > >
    > >

    >
    >
     
    Raterus, Aug 24, 2004
    #4
  5. Shimon Facterman

    shimon f Guest

    When you navigate to a site that is uses windows authentication I am
    challenged with username/password/domain.
    If I successfully login and than redirected to another site in the same
    domain I will no longer be needing to get authenticated.

    In my case I am browsing in a site that has anonymous access + maybe also
    windows authentication.
    I need to implement login page. In this login page I will enter
    username/password/domain and will get authenticated to Active directory.
    My problem is that I want that my browser will also hold this
    "authentication" AS IF I GOT AUTHENTICATED in a site that is protected by
    windows authentication. This is because that next, when I will be redirected
    to another site in the same domain I will no longer be needing to get
    authenticated (no popup windows login window).

    This is the best way I can explain this.

    Shimon



    "Raterus" <> wrote in message
    news:#...
    I'm sorry, but what you wrote only confused me more, can you try to explain
    it again with different terms?

    "Shimon Facterman" <> wrote in message
    news:OlpXc%...
    > Maybe my definition was wrong.
    > what I really need as the ability to get authenticated to active directory
    > through custom login page in an anonymous authentication site as if
    > I was now authenticating in an windows authentication site (with the gray
    > username/password popup window).
    > This way if i will ne next navigation to real windows authentication site

    I
    > will no longer be needing to get authenticated again.
    >
    > Hope that is clearer now.
    >
    > "Raterus" <> wrote in message
    > news:#cw#...
    > If I understand you correctly, this cannot be done. There is no way a
    > webserver can pass Internet Explorer the credentials it now should use in
    > place of its current credentials. It sounds like though that if you start
    > Internet Explorer using the "Run As" command, you should be able to change
    > the credentials to something other than the currently logged on user. To
    > start using "Run As" you have to be running 2000+, find the iexplore.exe
    > file, right click (you need to hold "shift" in windows 2000), select "Run
    > As...", enter the new credentials, and browse to Application 2.
    >
    > Hope this helps,
    > --Michael
    >
    > "Shimon Facterman" <> wrote in message
    > news:%23Js2T$...
    > > Hi all,
    > >
    > > This is my Scenario:
    > > Have a login page in Application 1 with Anoynoumous authentication.
    > > Using this login page I would like to receive credentials from Active
    > > Directory (using Directoryservices I assume),
    > > and somehow return them back to the client browser as if I made login in

    a
    > > Windows authenticated application.
    > >
    > > I need this because if login is successfull I need to redirect user to
    > > Application 2 which is under Windows authentication security and I don't
    > > want the login popup to appear (e.q the user to login again).
    > >
    > > Is this possible?
    > >
    > >

    >
    >
     
    shimon f, Aug 25, 2004
    #5
  6. Shimon Facterman

    Raterus Guest

    I have to go back on my first answer for this one, can't be done...

    "shimon f" <> wrote in message news:...
    > When you navigate to a site that is uses windows authentication I am
    > challenged with username/password/domain.
    > If I successfully login and than redirected to another site in the same
    > domain I will no longer be needing to get authenticated.
    >
    > In my case I am browsing in a site that has anonymous access + maybe also
    > windows authentication.
    > I need to implement login page. In this login page I will enter
    > username/password/domain and will get authenticated to Active directory.
    > My problem is that I want that my browser will also hold this
    > "authentication" AS IF I GOT AUTHENTICATED in a site that is protected by
    > windows authentication. This is because that next, when I will be redirected
    > to another site in the same domain I will no longer be needing to get
    > authenticated (no popup windows login window).
    >
    > This is the best way I can explain this.
    >
    > Shimon
    >
    >
    >
    > "Raterus" <> wrote in message
    > news:#...
    > I'm sorry, but what you wrote only confused me more, can you try to explain
    > it again with different terms?
    >
    > "Shimon Facterman" <> wrote in message
    > news:OlpXc%...
    > > Maybe my definition was wrong.
    > > what I really need as the ability to get authenticated to active directory
    > > through custom login page in an anonymous authentication site as if
    > > I was now authenticating in an windows authentication site (with the gray
    > > username/password popup window).
    > > This way if i will ne next navigation to real windows authentication site

    > I
    > > will no longer be needing to get authenticated again.
    > >
    > > Hope that is clearer now.
    > >
    > > "Raterus" <> wrote in message
    > > news:#cw#...
    > > If I understand you correctly, this cannot be done. There is no way a
    > > webserver can pass Internet Explorer the credentials it now should use in
    > > place of its current credentials. It sounds like though that if you start
    > > Internet Explorer using the "Run As" command, you should be able to change
    > > the credentials to something other than the currently logged on user. To
    > > start using "Run As" you have to be running 2000+, find the iexplore.exe
    > > file, right click (you need to hold "shift" in windows 2000), select "Run
    > > As...", enter the new credentials, and browse to Application 2.
    > >
    > > Hope this helps,
    > > --Michael
    > >
    > > "Shimon Facterman" <> wrote in message
    > > news:%23Js2T$...
    > > > Hi all,
    > > >
    > > > This is my Scenario:
    > > > Have a login page in Application 1 with Anoynoumous authentication.
    > > > Using this login page I would like to receive credentials from Active
    > > > Directory (using Directoryservices I assume),
    > > > and somehow return them back to the client browser as if I made login in

    > a
    > > > Windows authenticated application.
    > > >
    > > > I need this because if login is successfull I need to redirect user to
    > > > Application 2 which is under Windows authentication security and I don't
    > > > want the login popup to appear (e.q the user to login again).
    > > >
    > > > Is this possible?
    > > >
    > > >

    > >
    > >

    >
    >
     
    Raterus, Aug 25, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jadher
    Replies:
    1
    Views:
    3,622
    William F. Robertson, Jr.
    Oct 11, 2004
  2. =?Utf-8?B?UGF0cmljay5PLklnZQ==?=

    Passing credentials to windows integrated authentication

    =?Utf-8?B?UGF0cmljay5PLklnZQ==?=, Oct 26, 2004, in forum: ASP .Net
    Replies:
    3
    Views:
    3,561
    Girish bharadwaj
    Oct 26, 2004
  3. Reporter
    Replies:
    3
    Views:
    496
    Mike Schilling
    May 12, 2007
  4. Michael Ames

    How to get integrated credentials from anonymous access

    Michael Ames, Nov 3, 2003, in forum: ASP .Net Security
    Replies:
    1
    Views:
    170
    Alexander Stojakovic
    Nov 4, 2003
  5. Replies:
    1
    Views:
    239
Loading...

Share This Page