Solved

IIS 4.0 Basic Authentication Using an HTML Form

Posted on 2001-07-09
13
184 Views
Last Modified: 2006-11-17
Hello all,

I'm am using basic authentication with SSL to protect portions of a website. I want to use an html form to pass the Username and Password to the site instead of having the Username and Password prompt display. Can I supply that information to the requesting HTTP Authentication Header?

Thanks in advance,

-rg
0
Comment
Question by:rsgibson
  • 3
  • 3
  • 3
  • +3
13 Comments
 

Author Comment

by:rsgibson
ID: 6265506
Oops,

I forgot to add that I'm running IIS 4.0.

Thanks,

-rg
0
 

Expert Comment

by:yolish
ID: 6266049
I don't think it is possible to disable the username and password prompt. You can still use anonymous authentication and create a login form utilizing your security certificate.
0
 

Author Comment

by:rsgibson
ID: 6266410
Could you elaborate on the security certificate?

Thanks,

-rg
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Expert Comment

by:yolish
ID: 6266430
I guess... what exactly are you trying to do?
0
 

Expert Comment

by:h9925631
ID: 6267541
I think you need to use ADSI to do this. But it is a bit tough to do so. Actually I am doing this too but using IIS 5.5.
0
 

Expert Comment

by:h9925631
ID: 6267617
The problem I encounter is how to get the correct ADSPath. It is hard for me to get the correct DN components.
0
 

Expert Comment

by:h9925631
ID: 6267764
The problem I encounter is how to get the correct ADSPath. It is hard for me to get the correct DN components.
0
 

Expert Comment

by:yolish
ID: 6270212
a different approach would be to acquire a Digital Certificate from Verisign and create your own security model. Utilizing a database you can create a users table that has a username and password and whatever other data you want to collect about the users and then have a login screen.

Then set a cookie or use session variables (wouldn't recommend until ASP.NET) and have a piece of code at the top of every protected page that verifies that the user is logged in...
0
 
LVL 11

Expert Comment

by:thunderchicken
ID: 6273165
reject the proposed answer and i'll tell you how to do this

don't propose an answer when you "think" it will work. it needs to be a specific solution
0
 

Author Comment

by:rsgibson
ID: 6273218
h9925631:

Thanks for your comments, however I am familiar with ADSI, but that is the solution I'm looking for.

Thanks again

-rg
0
 
LVL 11

Accepted Solution

by:
thunderchicken earned 100 total points
ID: 6275446
You have 2 options:

#1 - Use NT challenge response.  This takes the current NT login and gives you that information, but you can only use Internet Explorer (Netscape is not supported, go figure)

#2 - Either build or purchase a component, best bet is aspuser.com

good luck
0
 
LVL 33

Expert Comment

by:hongjun
ID: 8622831
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
[points to thunderchicken]

Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

hongjun
EE Cleanup Volunteer
0
 

Expert Comment

by:Chmod
ID: 8674320
As recommended

Chmod
Community Support Moderator @Experts Exchange
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question