Thanks Steven

"Steven Cheng[MSFT]" wrote:

> Hi Bart,
>
> As for the retriveing the user credential in one application and use pass
> it to another web applicaiton you mentioned, yes, you're right, only basic
> or keberos is possible to do so and NTLM is not capable of this. In
> addition, if you're using the WebRequest class to post the request and wan
t
> to pass the credential via the NetworkCredential class, I'm afraid only th
e
> basic authenticaiton is ok (keberos is also not work), because the
> NetworkCredential class need us to provide the username and password, but
> in asp or asp.net web application, we can't retrieve the password info if
> we're not using the basic authentication in IIS. Keberos won't provide
> password, it only provide a authenticated token which is mantained by
> client for sequence request.  So the basic authentication is the only mean
s
> that we can retrieve both the username and password of the client user in
> our web application,
> Thanks.
>
> Regards,
>
> Steven Cheng
> Microsoft Online Support
>
> Get Secure! www.microsoft.com/security
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>
> Get Preview at ASP.NET whidbey
> http://msdn.microsoft.com/asp.net/whidbey/default.aspx
>
>

[ Post a follow-up to this message ]