Authenticate NT user from ActiveX control?
-
Hi all, My problem is this. I have a user viewing a web page on my intranet and that user has an ActiveX control running on that web page. The ActiveX control needs to get some sort of information about the currently logged in user and to send it to my server and the server must then authenticate that user against the domain. I don't want the user to have to type in a user name or password, I want the user to view the web page, the activeX control to send some security information (SID?) to the server, the server then validates against the NT domain then the user is automatically logged into the intranet system. Do you know what sort of information the ActiveX control needs to get and how I could do all of this? Thanks in advance, Phil
-
Hi all, My problem is this. I have a user viewing a web page on my intranet and that user has an ActiveX control running on that web page. The ActiveX control needs to get some sort of information about the currently logged in user and to send it to my server and the server must then authenticate that user against the domain. I don't want the user to have to type in a user name or password, I want the user to view the web page, the activeX control to send some security information (SID?) to the server, the server then validates against the NT domain then the user is automatically logged into the intranet system. Do you know what sort of information the ActiveX control needs to get and how I could do all of this? Thanks in advance, Phil
IE has integreted authentification, unlike Netscape. This should allow you to log, authenticate, certify someone without showing a single box.
She's so dirty, she threw a boomerang and it wouldn't even come back.
-
IE has integreted authentification, unlike Netscape. This should allow you to log, authenticate, certify someone without showing a single box.
She's so dirty, she threw a boomerang and it wouldn't even come back.
Problem is I have a Apache web server with J2EE on it on a Tomcat thingy. My clients are IE. So you see why I need an ActiveX control to send something to the web server to be authenticated... Any ideas? Cheers, Phil
-
Problem is I have a Apache web server with J2EE on it on a Tomcat thingy. My clients are IE. So you see why I need an ActiveX control to send something to the web server to be authenticated... Any ideas? Cheers, Phil
If you can't rely in integrated authentification (explained here[^]) which to be honest assumes a IE - IIS pair, you may end up doing simple https auto-form submit. I would see you create a https page (from any web server, like the ones you mentioned), build a form, and use the ActiveX to fill and submit this form. Just a thought.
She's so dirty, she threw a boomerang and it wouldn't even come back.
-
Problem is I have a Apache web server with J2EE on it on a Tomcat thingy. My clients are IE. So you see why I need an ActiveX control to send something to the web server to be authenticated... Any ideas? Cheers, Phil
Maybe what you need is WinBind[^], not an ActiveX My latest articles: Desktop Bob - Instant CP notifications XOR tricks for RAID data protection
-
Maybe what you need is WinBind[^], not an ActiveX My latest articles: Desktop Bob - Instant CP notifications XOR tricks for RAID data protection
Well... no unfortuantly. Basically the problem is this - the user is logged into his machine at work as per normal then they open their browser and navigate to the intranet web page. Which happens to be served from an Apache web server running J2EE/JSP etc. Now - as I know the user is currently logged into the domain, why can't that users credientials be sent to the server in order to identify who that user is without the user ever having to enter their user name and password. You see, once the user logged into the domain when the booted their computer they should have a SID, why can't I then send that SID to the server to verify that user? If so - how? Phil
-
Well... no unfortuantly. Basically the problem is this - the user is logged into his machine at work as per normal then they open their browser and navigate to the intranet web page. Which happens to be served from an Apache web server running J2EE/JSP etc. Now - as I know the user is currently logged into the domain, why can't that users credientials be sent to the server in order to identify who that user is without the user ever having to enter their user name and password. You see, once the user logged into the domain when the booted their computer they should have a SID, why can't I then send that SID to the server to verify that user? If so - how? Phil
philip andrew wrote: Now - as I know the user is currently logged into the domain, why can't that users credientials be sent to the server in order to identify who that user is without the user ever having to enter their user name and password. Because that machine does not belongs to the domain. That would be a huge security breach. If MS allowed what you're saying, as you navigate to any Web Site you could have your username/password stolen. My latest articles: Desktop Bob - Instant CP notifications XOR tricks for RAID data protection