Solved

Passing User ID and Password to another IIS Box

Posted on 2008-10-22
3
163 Views
Last Modified: 2013-12-08
I have a website that acts as the company extranet as well as a portal for our users to access their employee information. When clicking on the Employees link they are required to put in their network user name and password. Once authenticated they can browse their employee information. There is a link they can click on once logged in that will take them to their OWA, but OWA is on the Exchange server on another box. When the user clicks on that link they are required to put in their user name and password again.

Is there a way around that? Can I configure the IIS boxes to share the user name and password? Both boxes are in the same domain and are located on the same subnet and all that. Users would like to be able to log in once while inside the firewall and using a computer outside the network, like their laptop or home machine.

Thanks!
0
Comment
Question by:simplemojo
3 Comments
 
LVL 37

Accepted Solution

by:
meverest earned 250 total points
Comment Utility
Hi,

you need to think about http protocol to understand why that happens.  every request from a web server is essentially an independent interaction between the given client and the server.  the only way that a server even knows that a request is part of an active 'session' (i.e. the user has previously logged in to access content) is by setting a cookie in the client browser, then the client sends that cookie with each subsequent request to the server.

that cookie, of course, is only ever valid on that server, and is effectively non-transferrable (in fact irrelevant) on any other server.

therefore, any logged-in session on the web site has no relevance to the OWA server.

there are work-arounds, of course, that involve shared access to session information between multipke web servers in a central data store, and then use of a 'token' in the url to reference the relevant session.

these schemes, however, are generally proprietry to teh specific web application, and I don't think that OWA supports such a scheme.

Cheers.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

I had to do a bit of research to find the answer to this question so I thought I'd share my results.  Due to our outdated mainframe systems, we need to downgrade IE9 to IE8 in order to stay compatible.  We also needed to downgrade Java.  In order to…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now