I don't know if it's possible, but ...
On the first site the user is authenticated using Active Directory and gets a WindowsPrincipal user.
Then a second site will be shown in an iframe. How to pass a User object or the authentication credentials to the second site?
How to authenticate the user with the same credentials?
Thanks
You are searching for SSO (single sign-on).
It depends on how you do authentication in your application, so it's hard to advise you.
But if you want to understand the problem you could start from this article.
Related
I want to display the start page of my web application in one way if the visiting user is authenticated in the AD and another way if the user is not.
I am able to distinguish users by checking their username using this: HttpContext.Current.User.Identity.Name
However, this only works after the user has tried to access a secured page and I want to know this when a user visits the public start page. Any ideas of how this can be done?
If you don't have Authentication you can't know which user it is. So I guess you can set a cookie/localStorage for the next time he will get to the page.
OR
What I think will be preferable when using AD, you can provide sub domain for those users, so each time someone is coming from this sub domain you will know he is AD user.
We currently have a website which has formsauthentication implemented on it.
One of the clients requested us to implement a single sign-on solution for this website with basic authentication, and we want to keep FormsAuth for the rest of the clients.
So I created a new SSO folder, SSO/SSODefault.aspx page, which will be accessed by only one client and I configured basic authentication in IIS (enabled basic auth and disabled anonymous).
How do I configure/code at application level so that if a user accesses ~/SSO/SSODefault.aspx I need to perform basic authentication and if a user accesses ~/Login.aspx or ~/any other page except the above SSO page I need to do FormsAuthentication.
You'll still do FormsAuthentication, but in your SSO page, you'll generate a ticket that the FormsAuthentication method will look at, discover that it is already authenticated, and let that user in. This blog post should get you started in the right direction.
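A sketch of the SSO page this answer describes, as an added example that is not the asker's or the linked blog's code. It assumes IIS has already performed Basic authentication for the /SSO folder and that URL authorization lets the request reach the page; `AccountMap`, the sample account and `~/Default.aspx` are hypothetical.

```csharp
// Added example: code-behind for ~/SSO/SSODefault.aspx.
using System;
using System.Collections.Generic;
using System.Security.Principal;
using System.Web.Security;
using System.Web.UI;

public partial class SSODefault : Page
{
    // Hypothetical mapping from the client's Basic-auth accounts to
    // application user names; a real site would query its user store.
    static readonly Dictionary<string, string> AccountMap =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { @"EXAMPLE\sso-client", "client-portal-user" } // constructed sample
        };

    protected void Page_Load(object sender, EventArgs e)
    {
        // Identity established by IIS (Basic enabled, Anonymous disabled on /SSO).
        WindowsIdentity iisUser = Request.LogonUserIdentity;
        string appUser = null;

        bool known = iisUser != null
            && iisUser.IsAuthenticated
            && !iisUser.IsAnonymous
            && AccountMap.TryGetValue(iisUser.Name, out appUser);

        if (!known)
        {
            // 403 rather than 401: forms authentication turns a 401
            // into a redirect to the login page.
            Response.StatusCode = 403;
            Context.ApplicationInstance.CompleteRequest();
            return;
        }

        // Issue the normal forms ticket; all other pages keep using
        // forms authentication unchanged and simply see a signed-in user.
        FormsAuthentication.SetAuthCookie(appUser, false);

        // Fixed local target (assumed start page), never a URL taken
        // from the query string.
        Response.Redirect("~/Default.aspx", false);
        Context.ApplicationInstance.CompleteRequest();
    }
}
```

Basic authentication sends the password base64-encoded on every request to /SSO, so that folder should only be reachable over HTTPS.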
In a web application, is there any way to check the requested user has got admin privileges.
Is it possible? Can you suggest one method?
For example: a front-end user requests a page in my application. I want to know whether the user that made the request has admin privileges in his client machine. I have to check whether he is logged in with an admin privileged account in the system.
I need the privileges of the user logged in to the system, not to my application; my application doesn't have a login. A user just requests my home page or any other page and I just want to know whether that user is logged into his PC with an admin account or not.
I'd suggest the membership provider for you.
Read this article for more information.
EDIT:
After reading some given answers and other questions, read this article (provided by Abbas).
Especially look at the chapter "Role Management, User Identity, and Membership".
This explains the difference between windows authentication (login with your windows account when on an intranet) and forms authentication (login with username and password)
First read the article that #Rick Hoving provided. Once you understand the whole Membership-story you should read this article, also from MSDN: Understanding Role Management. Roles & Access rules are explained, as well as the management and so on. Hope this helps!
You can create a role and store the role information in the session.
I have two web applications and an STS server. When a user calls the first web app he is redirected to the STS server for validation. On validation the user logs in to the 1st web app. In my 1st web app there is a button which, when clicked, should open the 2nd web app without asking for validation from the STS server. Since I have added a reference to the STS in my second web app it is asking for validation again from the STS server.
Can anyone please help me.
Thanks
Nilesh
It seems that your STS does not retain the information about user being logged in. The STS itself has to use some authentication mechanism and ask users to log in only the FIRST time they visit the STS.
It could also be a sync issue. How are you verifying that the information is being authenticated and passed back? Are the users perhaps not set up properly on one of the passthrough servers in regards to SSO authentication? I would look at Session Variables and see if those are being kept or wiped. Just an idea.
It also sounds like the users are not in that domain / authenticated group where you have set up SSO; that's probably why it's popping up a user/login. I've seen this before when I worked at Chase.
We have an ASP.NET web application running on IIS7. We have multiple users, but we don't always know their password. Here's what we'd like to be able to do:
Login as some sort of administrator, be presented with our current list of users, click some sort of "Run as John Doe user", at which point we'd be able to see the application (or certain pages) as that user.
We're looking to do this in a support/debugging capacity. I've looked into ASP.net's Impersonation, but that doesn't seem to apply here.
Any help/advice is appreciated. If I'm living in a dream world, please let me know.
If you are using forms authentication all you need to do is to emit an authentication cookie with the username of the user you are trying to impersonate:
    // Need to be signed in as administrator in order to be
    // able to impersonate
    if (User.IsInRole("Administrator"))
    {
        FormsAuthentication.SetAuthCookie("johndoe", false);
    }
and on the next request you will be John Doe. You could also store some value in the session to indicate that this is an administrator acting on behalf of John Doe if you ever needed this information.
If you are using Windows NTLM authentication I don't think this is possible (please correct me if I am wrong).
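An added example (not the answerer's code) that extends the forms-authentication approach above so the impersonation is time-limited and traceable. Instead of the session, it records the acting administrator in the ticket's `UserData`, which is encrypted and integrity-protected together with the user name. `SupportImpersonation`, the marker string and the 15-minute lifetime are assumptions.

```csharp
using System;
using System.Diagnostics;
using System.Web;
using System.Web.Security;

public static class SupportImpersonation
{
    const string Marker = "impersonated-by:"; // hypothetical UserData prefix

    // Replace the admin's forms ticket with a short-lived one for targetUser.
    public static void Begin(HttpContext ctx, string targetUser)
    {
        if (!ctx.User.Identity.IsAuthenticated || !ctx.User.IsInRole("Administrator"))
            throw new UnauthorizedAccessException("Administrator role required.");
        if (ActingAdmin(ctx) != null)
            throw new InvalidOperationException("Already impersonating a user.");

        string admin = ctx.User.Identity.Name;
        var ticket = new FormsAuthenticationTicket(
            1, targetUser, DateTime.Now, DateTime.Now.AddMinutes(15),
            false,               // session cookie only, never persistent
            Marker + admin);     // who is really behind this session

        var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
                                    FormsAuthentication.Encrypt(ticket))
        {
            HttpOnly = true,
            Secure = FormsAuthentication.RequireSSL,
            Path = FormsAuthentication.FormsCookiePath
        };
        ctx.Response.Cookies.Add(cookie);

        // Audit trail: every impersonation start is attributable to an admin.
        Trace.TraceWarning("IMPERSONATION start admin={0} target={1} ip={2}",
            admin, targetUser, ctx.Request.UserHostAddress);
    }

    // Returns the administrator's name if the current request runs under an
    // impersonation ticket, otherwise null. Pages can use this to show a
    // banner or to block sensitive actions such as password changes.
    public static string ActingAdmin(HttpContext ctx)
    {
        var identity = ctx.User.Identity as FormsIdentity;
        if (identity == null) return null;
        string data = identity.Ticket.UserData;
        return data != null && data.StartsWith(Marker, StringComparison.Ordinal)
            ? data.Substring(Marker.Length)
            : null;
    }
}
```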