I'm trying to create a web app (website 1) housed inside a windows web browser control. Links in this web app will redirect to another website (website 2) and open in the user's default browser. So the problem I have the windows app housing website 1 is unable to communicate with website 2. Website 1 and website 2 can potentially share the same database.
Is it possible to implement a type of single sign on that I can some how persist across different browsers?
I'd go with using cross browser cookies. (e.g. Flash cookies are cross browser)
http://www.nuff-respec.com/technology/cross-browser-cookies-with-flash
http://www.sajithmr.me/cross-browser-cookies/
http://www.ts0.com/2007/12/cross-browser-cookies.asp
http://www.jon-reed.co.uk/2010/06/28/track-web-visitors-using-cross-browser-cookies-that-won%E2%80%99t-be-deleted/
Related
I have web application A using windows authentication and Web application B using windows authentication. Application B can be accessed through Application A only via links.
Now I sign in as a different user in Application A and click on a link which navigates to Application B. But Application B still uses the old user.
Is there a way to prompt the end user to login to use different browser instance completely.
The easiest way is to make the URL of the new page be a domain that isn't Intranet (or doesn't have some form of SSO)
My app is Windows based, and there is IE installed. But my app will run in a process which does not like externally-launched applications (like a web browser, when authorizing). Instead, my app will use the host application's web features to display a browser.
The host app takes over the front-end and is a public kiosk-type application, so I have no control over how browsing gets launched. The google drive api automatically launches the default browser (with an affinity toward Chrome, even if not the default... :-/
I cant give code examples, but you need to look into non browser based auth - i.e. server side authentication https://developers.google.com/drive/web/auth/web-server?hl=en
I would like to know if it is possible to open a directory from intranet MVC application ? I have been searching about it but i don't found anything.
I tried to open from javascript using window.open('url') but i get unauthorized access.
Thanks,
Tiago MourĂ£o
IMPOSSIBLE !!!
web browsers does not have allow web pages to access to disk drives.
web pages only can read/write cookies.
FileUpload control allow access to the files, only with user action(scripts no allowed).
I found a way to do resolve this problem. If you create a background process using Process.Start('location'), the application opens directory folder.
Tips:
Process.Start() generally used in windows application and if used in
web applications, a process will start on server(not on user agent
that run current page).
you get unauthorized access error, because of IUser has limited
access ...
1) Web Applications can read/write any file and folders on server side with assigning permission.
2) WebApplication with Some sideway can access to file & folders in web pages (client side) !!!
with JavaScripts:
Write a browser add-on with requested functionality, then install on
user agent(browser).
now with call method/function in add-on, you can do the operations
that does not allowed with JavaScript & etc.
with VBScript(Obsoleted) that run/supported only in MsIE:
can using FileSystemObject to full access files and folders.
can using CreateObject to create instance of each object in OS and
working with it.
Finally my answer is IMPOSSIBLE.
So I have done a bit of research on the matter. According to this link:
http://technet.microsoft.com/en-us/library/bb232199(EXCHG.80).aspx
In the "Permission for using Outlook...." section it says:
To use Outlook Web Access Web Parts, you must, at a minimum, be delegated "Reviewer" access to the content that you are opening. If you have embedded an Outlook Web Access Web Part that requires authentication into an application, you must pass authentication information through together with the request for the Web Part. One way to do this is by configuring the Outlook Web Access virtual directory to use Integrated Windows authentication. Integrated Windows authentication lets users who have already logged on by using their Active Directory account use Outlook Web Access without having to enter their credentials again.
The sysadmin here does not want to do that since the fallback (if there are not on the right domain and auth fails) for having OWA use integrated security i guess sends a form with the password in plain-text. According to him, have not researched yet.
I have an asp.net MVC4 intranet application in development, and it is using windows authentication. So two questions:
Is there are way to pass credentials to the iframe without messing the the exchange server setting?
If so, how can I do it?
I lied, three questions:
/3. If I had the exchange setting to allow integrated windows auth, and I try to hit the site from a different domain that is not authorized, how does it fall back to a login form, and is it really a security risk?
Here is the iframe code:
<h2>Inbox</h2>
<iframe
src="http://server/exchange/user/?cmd=contents&fpath=inbox"
width="100%"
height="300"
sandbox="allow-scripts allow-same-origin"
seamless
frameborder="0"></iframe>
I'm building three web applications in .NET that will all share a users database and login information. Lets pretend that application 1 is the "parent" application and applications "A" and "B" are the "child" applications. All users have to be logged into application 1 to have access to applications A and B.
Authorization, Authentication, and MachineKey sections of all web configs are present and work correctly.
I have the correct web.config settings in all applications to achieve Single Sign On except one problem remains: what do I put in the "loginUrl" attribute of the forms tag in Applications A and B.
Assume that the url for the login to application 1 is "www.johnsapp.com/login.aspx" How can I get applications A and B to send the user back to application 1 for authentication using only settings in web.config?
You could use
if (!Request.IsAuthenticated)
Response.Redirect("~/Login.aspx?ReturnUrl=~/thisurl");
in the Page_Load function of the codebehind. This will redirect automatically.
How about using Windows authentication?