What is the best way to set-up cross site authentication ? Ideally we would
like users who have authenticated into a secure section of one (local) site
to be able to click on a link and somehow pass the authentication credential
s
to another (remote, not on same domain) site without prompting the users to
enter another ID & password.  Also, we would like any authentication that is
used or passed to not be visable on the page they are leaving by using the
View/Source option or in the URL.  TIA ...

[ Post a follow-up to this message ]

Hi,

Is the other server under your administrative control? Is it part of e.g.
same Active Directory?

--
Mike
Microsoft MVP - Windows Security

"E-Double" <EDouble@discussions.microsoft.com> wrote in message
news:C4F6B988-42DD-402D-8A68-EADD9F1F2868@microsoft.com...
> What is the best way to set-up cross site authentication ? Ideally we
> would
> like users who have authenticated into a secure section of one (local)
> site
> to be able to click on a link and somehow pass the authentication
> credentials
> to another (remote, not on same domain) site without prompting the users
> to
> enter another ID & password.  Also, we would like any authentication that
> is
> used or passed to not be visable on the page they are leaving by using the
> View/Source option or in the URL.  TIA ...

[ Post a follow-up to this message ]

not part of the same AD, they just supplied us with the user ID and password
to use ...

e.




"Miha Pihler [MVP]" wrote:

> Hi,
>
> Is the other server under your administrative control? Is it part of e.g.
> same Active Directory?
>
> --
> Mike
> Microsoft MVP - Windows Security
>
> "E-Double" <EDouble@discussions.microsoft.com> wrote in message
> news:C4F6B988-42DD-402D-8A68-EADD9F1F2868@microsoft.com... 
>
>
>

[ Post a follow-up to this message ]

Hi,

In this case I don't see any (easy) way to accomplish what you want --
specially since your users enter username and password that is different
from the other site.

You might be able to do something _together_ with the owners of the site
(e.g. use cookies for authentication or filter access to the site by your IP
address instead of using usernames and passwords...)...

--
Mike
Microsoft MVP - Windows Security

"E-Double" <EDouble@discussions.microsoft.com> wrote in message
news:31182EA6-2ABF-4496-9F0A-161B49194966@microsoft.com...[vbcol=seagreen]
> not part of the same AD, they just supplied us with the user ID and
> password
> to use ...
>
> e.
>
>
>
>
> "Miha Pihler [MVP]" wrote:
> 

[ Post a follow-up to this message ]

Cool, thanks for the reply.  We will probably try the cookies option first.

e.



"Miha Pihler [MVP]" wrote:

> Hi,
>
> In this case I don't see any (easy) way to accomplish what you want --
> specially since your users enter username and password that is different
> from the other site.
>
> You might be able to do something _together_ with the owners of the site
> (e.g. use cookies for authentication or filter access to the site by your 
IP
> address instead of using usernames and passwords...)...
>
> --
> Mike
> Microsoft MVP - Windows Security
>
> "E-Double" <EDouble@discussions.microsoft.com> wrote in message
> news:31182EA6-2ABF-4496-9F0A-161B49194966@microsoft.com... 
>
>
>

[ Post a follow-up to this message ]