Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > dynamically requesting windows authentication on a resource

Reply
Thread Tools

dynamically requesting windows authentication on a resource

 
 
z f
Guest
Posts: n/a
 
      08-28-2005
Hi,

I have a asp.net web application, and in one of my pages I would like to be
able to request windows authentication on the fly, without the page
configured for windows authenticatino in IIS.

is this possible using some http header / return value?

i can surely mimic IIS behavior returning access denied, but a key should be
added and IIS have to accept the credentials of the client.

TIA.


 
Reply With Quote
 
 
 
 
Chris Crowe [MVP]
Guest
Posts: n/a
 
      08-29-2005
Although you can dynamically request authentication by setting a 401 Status
and also a WWW-Authenticate header you will not be able to process these I
would think. What will you do with the NTLM hash that is produced?

Why do you want to do this?

This is a set of headers that IIS returns when a user requests an NTLM page.
But if IIS is not configured to accept the NTLM header I do not know what
happens.

HTTP/1.1 401 Access Denied
Server: Microsoft-IIS/5.1
Date: Mon, 29 Aug 2005 19:10:54 GMT
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
Connection: close
Content-Length: 4431
Content-Type: text/html

--
Cheers

Chris

Chris Crowe [IIS MVP]
http://blog.crowe.co.nz


"z f" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi,
>
> I have a asp.net web application, and in one of my pages I would like to
> be able to request windows authentication on the fly, without the page
> configured for windows authenticatino in IIS.
>
> is this possible using some http header / return value?
>
> i can surely mimic IIS behavior returning access denied, but a key should
> be added and IIS have to accept the credentials of the client.
>
> TIA.
>
>



 
Reply With Quote
 
 
 
 
Joe Kaplan \(MVP - ADSI\)
Guest
Posts: n/a
 
      08-30-2005
You can definitely handle your own basic auth though. It is very "basic".


However, this is not a good idea without SSL in the mix.

Joe K.

"Chris Crowe [MVP]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Although you can dynamically request authentication by setting a 401
> Status and also a WWW-Authenticate header you will not be able to process
> these I would think. What will you do with the NTLM hash that is produced?
>
> Why do you want to do this?
>
> This is a set of headers that IIS returns when a user requests an NTLM
> page. But if IIS is not configured to accept the NTLM header I do not know
> what happens.
>
> HTTP/1.1 401 Access Denied
> Server: Microsoft-IIS/5.1
> Date: Mon, 29 Aug 2005 19:10:54 GMT
> WWW-Authenticate: Negotiate
> WWW-Authenticate: NTLM
> Connection: close
> Content-Length: 4431
> Content-Type: text/html
>
> --
> Cheers
>
> Chris
>
> Chris Crowe [IIS MVP]
> http://blog.crowe.co.nz
>
>
> "z f" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Hi,
>>
>> I have a asp.net web application, and in one of my pages I would like to
>> be able to request windows authentication on the fly, without the page
>> configured for windows authenticatino in IIS.
>>
>> is this possible using some http header / return value?
>>
>> i can surely mimic IIS behavior returning access denied, but a key should
>> be added and IIS have to accept the credentials of the client.
>>
>> TIA.
>>
>>

>
>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Resource expression to access resource located in library Heinrich Moser ASP .Net 1 03-27-2008 04:25 PM
Very annoying error: Access to the path is denied. ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity Jay ASP .Net 2 08-20-2007 07:38 PM
Resource manager problem: naming for embedded resource. Dirc Khan-Evans ASP .Net 1 10-17-2005 12:52 PM
Requesting Window authentication for another user to certify drago_8_8 ASP .Net 0 10-08-2004 04:00 PM
The system cannot locate the resource specified. Error processing resource avishosh XML 2 08-08-2004 06:28 AM



Advertisments