[quoted text, click to view]

[snip]

Can't you just test the domain or IP address of the visitor?

[quoted text, click to view]

Or have them log on once and set a cookie?

[quoted text, click to view]

Have them login once to your Web page then save their information to a
cookie and have subsequent accesses check for the cookie to bypass logins.

[quoted text, click to view]

There is no way that your server is going to be "aware" of their usernames from
their AD Domain.


--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed (as annoying as they are, and as stupid as they sound), are
my own and not those of my employer, or Microsoft, or anyone else associated
with me, including my cats.
-----------------------------------------------------

Hi,

I have an online application (written in .asp) that requires a login to be
accessed and used. I have a login.asp page that asks for username and
password, looks up in a MS SQL db if a combination of those
username/password is available and, if so, sets a session variable and goes
to home.asp (this page checks if the session variable has been set, and if
not, redirects to login.asp). That's the usual method in .asp to make
password-protected pages. This way, the SQL database contains all usernames
and passwords.

Now I have a company that wants to use my application (hosted on my server)
but does not want their users to make a double login, I mean one login to
their network and one login to my application. They want a way so that my
application recognizes their users and logins automatically; in a few words,
their users should be allowed to go directly to home.asp without first
stepping to login.asp.

They are using a Windows network, so I looked into using Active Directory
(LDAP) integration in .asp pages but:

1) Can you tell me a source where I can find simple integration information?
I found a lot of information, but nothing is very simple

2) Since my application is hosted on my server (on-line and outside their
network), I don't think I'll be able to use AD integration, because I think
they should be in the same domain

So, my final question is: how would you approach such a problem? Googling on
the net I also found this page
http://www.google.com/a/help/intl/en/admins/editions.html where Google
offers a single sign-on to their application via API. I think they don't use
AD integration, but they achieve exactly what I need (a single sign-on). So,
how can Google do such a thing? What approach are they using? I can develop
a login API for my application too.

Thank you.

What they call "single sign on" can mean anything.
I don't know what Google is doing.


--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed (as annoying as they are, and as stupid as they sound), are
my own and not those of my employer, or Microsoft, or anyone else associated
with me, including my cats.
-----------------------------------------------------

[quoted text, click to view]

[quoted text, click to view]

It works by cookies, not by Domain login. MS Passport does not have any idea
what goes on in my Domain,...it does not query my domain controller to
authenticate users,...it is not even capable of reaching my domain controller.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed (as annoying as they are, and as stupid as they sound), are
my own and not those of my employer, or Microsoft, or anyone else associated
with me, including my cats.
-----------------------------------------------------

With Passport, you have to login at least once at the passport protected
site, and then your login is saved in a cookie. Even then, if you go to a
different passport protected site than the one you were previously logged
into, you usually have to log in again.


Bob Lehmann

[quoted text, click to view]

"McKirahan" <News@McKirahan.com> ha scritto nel messaggio
news:OradnXe6yvp9YH_YnZ2dnUVZ_sCinZ2d@comcast.com...
[quoted text, click to view]

No, I need to know who the visitor is (First Name, Last Name, etc.). When
employees arrive at work, they need to login to their netword (via Active
Directory). The company wants they can use our application without the need
to login again. When they use our application, we need to know who they are
(First Name, Last Name, etc.)

[quoted text, click to view]

We need them to login once, but where we set the cookie? They login once to
their network, not to our webpage.

Thanks.

"Phillip Windell" <@.> ha scritto nel messaggio
news:udtQ$5dWHHA.528@TK2MSFTNGP03.phx.gbl...
[quoted text, click to view]

That's what Google does (see my link). How they can do it?

"McKirahan" <News@McKirahan.com> ha scritto nel messaggio
[quoted text, click to view]

They don't want to login to our webpage, that's what they want to avoid. I
know there are some sites that behave this way (e.g. Google, MS Passport,
etc.)

[quoted text, click to view]

Also MS Passport does it...

"Phillip Windell" <@.> ha scritto nel messaggio
news:%23aDcD1eWHHA.996@TK2MSFTNGP02.phx.gbl...
[quoted text, click to view]

Yes, it does not work with Domain login, but it does not work with cookies
too. Two different websites cannot exchange cookies. When I login into
Passport, all websites that work with Passport technology can know my
details. So, there should be a method to pass this information from Passport
to each website, not via cookies or sessions.

"Bob Lehmann" <nospam@dontbotherme.zzz> ha scritto nel messaggio
news:uWEB2bgWHHA.4796@TK2MSFTNGP05.phx.gbl...
[quoted text, click to view]

I went to a site and tried to login: it sent me to Passport's website where
I logged in and then was redirected back to the original website. As far as
I know, I cannot create a cookie (on Passport's website) that can be "seen"
by other websites (original website).