Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Password changes: Forms Authentication & AD membership provider

Thread Tools

Password changes: Forms Authentication & AD membership provider

Posts: n/a
I'm looking for some guidance on expected behaviour concerning password

The application is a virtual desktop connection broker and is comprised of:

1. Forms authenticated web site, using the Active Directory membership
provider. Hosts MSRDP ActiveX.

2. Remoting service that brokers virtual desktop connections.

3. Virtual Server farms hosting virtual desktops.

The application works as follows:

1. User logs in to the web form.

2. Web application communicates with broker service to retrieve the
appropriate virtual desktop name.

3. User is forwarded to a web page hosting the MSRDP ActiveX and is
connected to the virtual desktop.

4. Use logs in using the same account that was used to authenticate to the
web site.

5. When the virtual desktop session is terminated, the user is forwarded
back to the default page of the web site.

My question is related to the following scenario:

1. User completes steps 1. – 4. described above.

2. User changes password within the virtual desktop.

3. User logs out of virtual desktop and is forwarded to the default page.

What would be the expected result?

If the site was using integrated authentication I would expect this to
result in an account lockout as the credentials provided to Internet Explorer
when originally prompted would now be out of date. Is this assumption correct?


Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
SiteMinder vs .NET Membership Provider/Forms Authentication vcuankitdotnet ASP .Net 3 03-19-2008 01:11 PM
Forms Authentication without Membership provider? hfdev ASP .Net Web Controls 2 08-09-2007 11:40 PM
Membership or Role Provider // Provider Model // Factories .. How does MS do it? sloan ASP .Net 1 07-03-2007 08:17 PM
Deploying 2.0 app on a Service Provider .. Membership Provider sloan ASP .Net 5 06-03-2006 11:20 PM
forms authentication -- expired forms cookie vs. not provided forms cookie Eric ASP .Net Security 2 01-27-2006 10:09 PM