Re: Authentication using Distinguished name instead of Certificate
Web Server forum
Back To The Forum Home!Search!Private Messaging System
Visit your User Control Panel!Register your FREE username now!Visit Our Calendar!View the Member List!Faqs!Search our Forums!

Web Server Talk Web Server Talk > Web Servers reviews > IIS server support > IIS Server Security > Re: Authentication using Distinguished name instead of Certificate




  Last Thread   Next Thread Next
  Show Printable Version Email this Page Subscribe to this Thread      Post New Thread    Post A Reply      

    Re: Authentication using Distinguished name instead of Certificate  
Ken Schaefer


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
12-07-05 08:50 AM

Daniel,

I'm a bit confused as well. Authentication occurs when you marry a user
identity (e.g. a username, in this case the DN) with the corresponding
"secret" (this is usually a password, or some kind of token like a
certificate). Given that you have the username only, how do you intend to
authenticate the user? How do you know the user is who they say they are?

Cheers
Ken


"Daniel Corbett" <mrinalexandria@nospam.nospam> wrote in message
news:E6823E0A-6B99-4F47-B4BF-1A386B811C63@microsoft.com...
:I DO want to a pass-through authentication feature by myself.   Instead of
: authenticating on a client certificate, I want to authenticate based on
the
: Distinguished name contained in a header in the client request.   For
: security purposes there is also a certificate contained in the request,
: however, I am only using that to verify the validity of the connection,
not
: to authenticate the user who originally sent the HTTP request.
:
: ""Yuan Ren[MSFT]"" wrote:
:
: > Hi,
: >
: > Welcome to Microsoft newsgroup!
: >
: > >How can I logon / impersonate the user / grab the appropriate "ticket"
: > without the password?
: > >¡_
: > >"This is what IIS does when it does certificate based login, however,
in
: > this case, I do not have the full certificate."
: >
: > IIS has client certificate authentication. However in this scenario, we
do
: > need to provide each authenticated user account's password which is
stored
: > into IIS metabase. The below article explains how this feature works in
IIS
: > 5.0:
: > http://support.microsoft.com/defaul...;313070&sd=tech
: >
: > >"I need to authenticate against active directory and log a user on to
: > Sharepoint. In order to reduce SSL load and support edge server caching
we
: > are using a persistant shared SSL connection."
: >
: > I'm not very clear about what you want to achieve. Could you please
explain
: > the whole scenario more clearly? It sounds like you want to implement a
: > pass-through authentication feature by yourself? What authentication
method
: > you want to use? Is SSL used for encryption only or you also want it to
: > implement client cert authentication?
: >
: > Regards,
: >
: > Yuan Ren [MSFT]
: > Microsoft Online Support
: >
: >




[ Post a follow-up to this message ]



    Sponsored Links  




 



   All times are GMT. The time now is 07:30 AM.      Post New Thread    Post A Reply      
  Last Thread   Next Thread Next


Most Popular forums 
Apache Server MySQL for Windows Sendmail
Red Hat Networking SuSe Linux Debian Linux
FreeBSD administration Sun Solaris administration Unix Shell programming
WebSphere Portal Server Exchange 2000 administration PostgreSQL administration
Linux Security Computer Security Firewalls

Forum Jump:
Rate This Thread:

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts 		HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is OFF
 
Medical and Health forum | Computer Games Reviews | Graphics design forum

Back To The Top
Home | Usercp | Faq | Register