Authenticating to one web site from another

Posted on 2012-04-10
Last Modified: 2012-04-27
Here's the situation...I've got a Sharepoint site.  In that Sharepoint site, in a content editor web part (HTML), I'm trying to pull in content (images) from *another* IIS web site, which has Windows Authentication enabled.  What I'd like is for people who are already authenticated to the Sharepoint server, to be able to view the images in the content editor web part (I want the Sharepoint page to pass a username/password to the other server).  Is this possible?  

I've Googled up and down and I'm sure there's a way, I'm just not sure what to look for.
Question by:mgudites1
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Accepted Solution

RaithZ earned 500 total points
ID: 37829370
It is called double-hop authentication, which only works if you are using Kerberos authentication with SharePoint.  Without Kerberos, your authentication token gets used up when you authenticate with SharePoint, and is not available anymore to be sent to the site you are pulling content from.

Author Comment

ID: 37829385
Sorry, I'm not looking to pass the user's authentication.  I want to pass a specific username and password.  

So, jsmith logs on to Sharepoint, and then when they go to this site, and they try to load up this page, Sharepoint passes a "hardcoded" username/password for an account called "pictures," which lives on the other server it's authenticating to.  Does that make sense?

Expert Comment

ID: 37829413
Sorry I failed to read your question in full.  I would think this is possible but it would either need to be passed in the URL that the webpart pulls up or you would need to make a custom web part.  There is a SharePoint service called BCS but I don't think it would help in this particular situation.

Author Comment

ID: 37829423
I thought about the passing via the URL, but it would appear that solution doesn't work with IE.  Otherwise that would have been great.  It's a resource that we don't necessarily want the outside world having access to, but nothing so secure that if someone got a hold of the PW, would be a big deal.

Expert Comment

ID: 37829503
You could check what authentication the SharePoint server gives your secondary resource and then give that ID permissions to the resource.  Check the logs on the destination server when authentication fails to see what credentials it tried to use.

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SharePoint Designer 2010 has tools and commands to do everything that can be done with web parts in the browser, and then some – except uploading a web part straight into a page that is edited in SPD. So, can it be done? Scenario For a recent pr…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question