Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Passing User ID and Password to another IIS Box

Posted on 2008-10-22
3
Medium Priority
?
189 Views
Last Modified: 2013-12-08
I have a website that acts as the company extranet as well as a portal for our users to access their employee information. When clicking on the Employees link they are required to put in their network user name and password. Once authenticated they can browse their employee information. There is a link they can click on once logged in that will take them to their OWA, but OWA is on the Exchange server on another box. When the user clicks on that link they are required to put in their user name and password again.

Is there a way around that? Can I configure the IIS boxes to share the user name and password? Both boxes are in the same domain and are located on the same subnet and all that. Users would like to be able to log in once while inside the firewall and using a computer outside the network, like their laptop or home machine.

Thanks!
0
Comment
Question by:simplemojo
1 Comment
 
LVL 37

Accepted Solution

by:
meverest earned 1000 total points
ID: 22784614
Hi,

you need to think about http protocol to understand why that happens.  every request from a web server is essentially an independent interaction between the given client and the server.  the only way that a server even knows that a request is part of an active 'session' (i.e. the user has previously logged in to access content) is by setting a cookie in the client browser, then the client sends that cookie with each subsequent request to the server.

that cookie, of course, is only ever valid on that server, and is effectively non-transferrable (in fact irrelevant) on any other server.

therefore, any logged-in session on the web site has no relevance to the OWA server.

there are work-arounds, of course, that involve shared access to session information between multipke web servers in a central data store, and then use of a 'token' in the url to reference the relevant session.

these schemes, however, are generally proprietry to teh specific web application, and I don't think that OWA supports such a scheme.

Cheers.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Ever visit a website where you spotted a really cool looking Font, yet couldn't figure out which font family it belonged to, or how to get a copy of it for your own use? This article explains the process of doing exactly that, as well as showing how…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question