Switching to the secure page looses authentication...

[Guest]

I have a page (http://www.something.com/) and a secure page (https://secure.something.com) and the secure.something.com points to http://www.something.com/secure/

All works ok, but, when I transfer to one of the pages on the secure directory all gets lost. First of all, I had to basically duplicate my web application assembly in the secure folder. I created a "secureWrapper" solution and I added the main web application as a reference, because otherwise it wouldn't see it. The problem is that if I switch to one of the pages on the https:// the authentication credentials get lost... For instance the Request.IsAuthenticated is false, even though I come from an authenticated page... Then if I redirect from there back to the non-secure page the authentication ticket appears again..

Any idea how I can maintain the authentication token between the secure and non-secure pages

thank you
iulian

 

[Calvin Luttrell/ProjectThunder.com]

Iulian,

There is that saying don't change horses mid stream. I'm a little confused on what you are asking but here it goes. If you are challenging request to a site once they are prompted to authenticate they're should be a little box that says 'Remember my password' (Win XP). Also in the Internet Explorer options there is a setting so that Internet Explorer will pass NT credentials by default. This is only useful for intranet applications. Naturally you don't want your I.E. throwing your network login to random sites. Have you tried another machine to see if you get the behavior. I use my own form and then test the NT credentials behind the scenes. Just an idea.


-Calvin Luttrell
ProjectThunder.com