|
Home > Archive > IIS Server Security > August 2005 > Using Digital Server Authentication
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Using Digital Server Authentication
|
|
| deveshbhartiya@hclinfinet.com 2005-08-01, 5:53 pm |
| Hi
It may sound weired but I would like to know if it is possible that if
the client has a digital certificate installed on his machine, it is
possible to authenticate the client directly without passing the
username and the password on a third party site.
For example, a site accepts digital certificates and requires users to
login to the website to perform necessary actions. Now using my
application is it possible to pass the digital certificates and other
authentication credentials to that website and login directly without
having to manually login?
Any replies are eagerly awaited.
Thank you
Devesh
Note: The application is built on .Net platform.
| |
| Miha Pihler [MVP] 2005-08-01, 5:53 pm |
| Yes, this is possible. I know quite a few sites that use this e.g. my
on-line bank.
When I access the site I get a prompt where I can choose the certificate
that I want to use for logon (in case I have multiple certificates on the
computer). This particular case actually works with smart card so I have to
insert the smart card and enter the PIN#. Once I enter the PIN and select
the certificate I can see my bank account and I can e.g. perform payments
etc...
I hope this helps,
--
Mike
Microsoft MVP - Windows Security
<deveshbhartiya@hclinfinet.com> wrote in message
news:1122907054.041448.78770@g47g2000cwa.googlegroups.com...
> Hi
>
> It may sound weired but I would like to know if it is possible that if
> the client has a digital certificate installed on his machine, it is
> possible to authenticate the client directly without passing the
> username and the password on a third party site.
>
> For example, a site accepts digital certificates and requires users to
> login to the website to perform necessary actions. Now using my
> application is it possible to pass the digital certificates and other
> authentication credentials to that website and login directly without
> having to manually login?
>
> Any replies are eagerly awaited.
>
> Thank you
> Devesh
>
> Note: The application is built on .Net platform.
>
|
|
|
|
|