| Daniel Corbett 2005-12-05, 7:53 am |
| I DO want to a pass-through authentication feature by myself. Instead of
authenticating on a client certificate, I want to authenticate based on the
Distinguished name contained in a header in the client request. For
security purposes there is also a certificate contained in the request,
however, I am only using that to verify the validity of the connection, not
to authenticate the user who originally sent the HTTP request.
""Yuan Ren[MSFT]"" wrote:
> Hi,
>
> Welcome to Microsoft newsgroup!
>
> without the password?
> this case, I do not have the full certificate."
>
> IIS has client certificate authentication. However in this scenario, we do
> need to provide each authenticated user account's password which is stored
> into IIS metabase. The below article explains how this feature works in IIS
> 5.0:
> http://support.microsoft.com/defaul...;313070&sd=tech
>
> Sharepoint. In order to reduce SSL load and support edge server caching we
> are using a persistant shared SSL connection."
>
> I'm not very clear about what you want to achieve. Could you please explain
> the whole scenario more clearly? It sounds like you want to implement a
> pass-through authentication feature by yourself? What authentication method
> you want to use? Is SSL used for encryption only or you also want it to
> implement client cert authentication?
>
> Regards,
>
> Yuan Ren [MSFT]
> Microsoft Online Support
>
>
|