Cross Site authentication ?

What is the best way to set-up cross site authentication ? Ideally we would
like users who have authenticated into a secure section of one (local) site
to be able to click on a link and somehow pass the authentication credentials
to another (remote, not on same domain) site without prompting the users to
enter another ID & password. Also, we would like any authentication that is
used or passed to not be visable on the page they are leaving by using the
View/Source option or in the URL. TIA ...

Re: Cross Site authentication ?

Hi,

Is the other server under your administrative control? Is it part of e.g.
same Active Directory?

--
Mike
Microsoft MVP - Windows Security

"E-Double" wrote in message
news:C4F6B988-42DD-402D-8A68-EADD9F1F2868@microsoft.com...
> What is the best way to set-up cross site authentication ? Ideally we
> would
> like users who have authenticated into a secure section of one (local)
> site
> to be able to click on a link and somehow pass the authentication
> credentials
> to another (remote, not on same domain) site without prompting the users
> to
> enter another ID & password. Also, we would like any authentication that
> is
> used or passed to not be visable on the page they are leaving by using the
> View/Source option or in the URL. TIA ...

Re: Cross Site authentication ?

not part of the same AD, they just supplied us with the user ID and password
to use ...

e.




"Miha Pihler [MVP]" wrote:

> Hi,
>
> Is the other server under your administrative control? Is it part of e.g.
> same Active Directory?
>
> --
> Mike
> Microsoft MVP - Windows Security
>
> "E-Double" wrote in message
> news:C4F6B988-42DD-402D-8A68-EADD9F1F2868@microsoft.com...
> > What is the best way to set-up cross site authentication ? Ideally we
> > would
> > like users who have authenticated into a secure section of one (local)
> > site
> > to be able to click on a link and somehow pass the authentication
> > credentials
> > to another (remote, not on same domain) site without prompting the users
> > to
> > enter another ID & password. Also, we would like any authentication that
> > is
> > used or passed to not be visable on the page they are leaving by using the
> > View/Source option or in the URL. TIA ...
>
>
>

Re: Cross Site authentication ?

Hi,

In this case I don't see any (easy) way to accomplish what you want --
specially since your users enter username and password that is different
from the other site.

You might be able to do something _together_ with the owners of the site
(e.g. use cookies for authentication or filter access to the site by your IP
address instead of using usernames and passwords...)...

--
Mike
Microsoft MVP - Windows Security

"E-Double" wrote in message
news:31182EA6-2ABF-4496-9F0A-161B49194966@microsoft.com...
> not part of the same AD, they just supplied us with the user ID and
> password
> to use ...
>
> e.
>
>
>
>
> "Miha Pihler [MVP]" wrote:
>
>> Hi,
>>
>> Is the other server under your administrative control? Is it part of e.g.
>> same Active Directory?
>>
>> --
>> Mike
>> Microsoft MVP - Windows Security
>>
>> "E-Double" wrote in message
>> news:C4F6B988-42DD-402D-8A68-EADD9F1F2868@microsoft.com...
>> > What is the best way to set-up cross site authentication ? Ideally we
>> > would
>> > like users who have authenticated into a secure section of one (local)
>> > site
>> > to be able to click on a link and somehow pass the authentication
>> > credentials
>> > to another (remote, not on same domain) site without prompting the
>> > users
>> > to
>> > enter another ID & password. Also, we would like any authentication
>> > that
>> > is
>> > used or passed to not be visable on the page they are leaving by using
>> > the
>> > View/Source option or in the URL. TIA ...
>>
>>
>>

Re: Cross Site authentication ?

Cool, thanks for the reply. We will probably try the cookies option first.

e.



"Miha Pihler [MVP]" wrote:

> Hi,
>
> In this case I don't see any (easy) way to accomplish what you want --
> specially since your users enter username and password that is different
> from the other site.
>
> You might be able to do something _together_ with the owners of the site
> (e.g. use cookies for authentication or filter access to the site by your IP
> address instead of using usernames and passwords...)...
>
> --
> Mike
> Microsoft MVP - Windows Security
>
> "E-Double" wrote in message
> news:31182EA6-2ABF-4496-9F0A-161B49194966@microsoft.com...
> > not part of the same AD, they just supplied us with the user ID and
> > password
> > to use ...
> >
> > e.
> >
> >
> >
> >
> > "Miha Pihler [MVP]" wrote:
> >
> >> Hi,
> >>
> >> Is the other server under your administrative control? Is it part of e.g.
> >> same Active Directory?
> >>
> >> --
> >> Mike
> >> Microsoft MVP - Windows Security
> >>
> >> "E-Double" wrote in message
> >> news:C4F6B988-42DD-402D-8A68-EADD9F1F2868@microsoft.com...
> >> > What is the best way to set-up cross site authentication ? Ideally we
> >> > would
> >> > like users who have authenticated into a secure section of one (local)
> >> > site
> >> > to be able to click on a link and somehow pass the authentication
> >> > credentials
> >> > to another (remote, not on same domain) site without prompting the
> >> > users
> >> > to
> >> > enter another ID & password. Also, we would like any authentication
> >> > that
> >> > is
> >> > used or passed to not be visable on the page they are leaving by using
> >> > the
> >> > View/Source option or in the URL. TIA ...
> >>
> >>
> >>
>
>
>