Silent Authentication

Silent Authentication

am 11.05.2007 22:19:24 von atemwende

I am designing an intranet site. All content is unprotected - anybody
on the intranet should be able to see everything. There is a
requirement to provide silent authentication against corporate Active
Directory whenever possible; in other words, when a user navigates to
the home page, we want to read some data from AD and provide
personalization if possible; however, if a visitor comes without AD
credentials (e.g. using a browser on a UNIX box not integrated with
AD), we would still authorize access and provide default user
experience. Under no circumstances should a user be prompted to log
in.

I need to have anonymous access enabled to allow for search engines to
"spider" this site, allow access for people who can't authenticate
with Windows Authentication, and avoid breaking other sites that
connect to the content of this site.

Basic Authentication seems like a perfect solution, but it forces a
logon dialogue for Firefox users (IE seems to do what I would like -
automatically replies to the challenge in the WWW-Authenticate header
of 401 response).

It seems like there should be a way to accomplish what I want. Please,
help.

Re: Silent Authentication

am 14.05.2007 17:19:56 von Anthony Yates

The best way to do this would be to create a second site to the same
content. That's the way SharePoint deals with the same type of problem.
You might be able to do something by having only the first page request
authentication and then on failure directing the browser to a second page
that does not require authentication, but I haven't tried it. You would
enable WIA and Anon on the whole site, then only on the first page change
the ntfs file permissions to allow only your AD users. If you have set their
browsers up with the right settings they will auto logon, but others will
fail and go on to the second page and to the rest of the site.
Anthony
http://www.airdesk.co.uk






wrote in message
news:1178914764.319997.192430@e51g2000hsg.googlegroups.com.. .
>I am designing an intranet site. All content is unprotected - anybody
> on the intranet should be able to see everything. There is a
> requirement to provide silent authentication against corporate Active
> Directory whenever possible; in other words, when a user navigates to
> the home page, we want to read some data from AD and provide
> personalization if possible; however, if a visitor comes without AD
> credentials (e.g. using a browser on a UNIX box not integrated with
> AD), we would still authorize access and provide default user
> experience. Under no circumstances should a user be prompted to log
> in.
>
> I need to have anonymous access enabled to allow for search engines to
> "spider" this site, allow access for people who can't authenticate
> with Windows Authentication, and avoid breaking other sites that
> connect to the content of this site.
>
> Basic Authentication seems like a perfect solution, but it forces a
> logon dialogue for Firefox users (IE seems to do what I would like -
> automatically replies to the challenge in the WWW-Authenticate header
> of 401 response).
>
> It seems like there should be a way to accomplish what I want. Please,
> help.
>

Re: Silent Authentication

am 14.05.2007 18:12:35 von atemwende

Thanks a lot, Anthony! I will give it a try.

On May 14, 8:19 am, "Anthony" wrote:
> The best way to do this would be to create a second site to the same
> content. That's the way SharePoint deals with the same type of problem.
> You might be able to do something by having only the first page request
> authentication and then on failure directing the browser to a second page
> that does not require authentication, but I haven't tried it. You would
> enable WIA and Anon on the whole site, then only on the first page change
> the ntfs file permissions to allow only your AD users. If you have set their
> browsers up with the right settings they will auto logon, but others will
> fail and go on to the second page and to the rest of the site.
> Anthonyhttp://www.airdesk.co.uk
>
> wrote in message
>
> news:1178914764.319997.192430@e51g2000hsg.googlegroups.com.. .
>
> >I am designing an intranet site. All content is unprotected - anybody
> > on the intranet should be able to see everything. There is a
> > requirement to provide silent authentication against corporate Active
> > Directory whenever possible; in other words, when a user navigates to
> > the home page, we want to read some data from AD and provide
> > personalization if possible; however, if a visitor comes without AD
> > credentials (e.g. using a browser on a UNIX box not integrated with
> > AD), we would still authorize access and provide default user
> > experience. Under no circumstances should a user be prompted to log
> > in.
>
> > I need to have anonymous access enabled to allow for search engines to
> > "spider" this site, allow access for people who can't authenticate
> > with Windows Authentication, and avoid breaking other sites that
> > connect to the content of this site.
>
> > Basic Authentication seems like a perfect solution, but it forces a
> > logon dialogue for Firefox users (IE seems to do what I would like -
> > automatically replies to the challenge in the WWW-Authenticate header
> > of 401 response).
>
> > It seems like there should be a way to accomplish what I want. Please,
> > help.