Classic ASP - Custom Login Page - Redirects to Windows Auth websit

[Parag Gaikwad]

Hi All,
We have a requirement where we have to develop a custom Login Page which
will accept user's NT credentials ( Username , password, domain name).

This then needs to be passed to a website which uses Windows Authentication

Now my question is how do we pass these credentials to IIS in classic ASP?
Would appreciate any help/pointers on this.

Thanks in advance.
Best Regards,
Parag

 

[Anthony Jones]

Hi All,
We have a requirement where we have to develop a custom Login Page which
will accept user's NT credentials ( Username , password, domain name).

This then needs to be passed to a website which uses Windows Authentication

This slightly ambigous, are you developing ASP which inturn talks to another
web site that requires Windows Logon?

Now my question is how do we pass these credentials to IIS in classic ASP?
Would appreciate any help/pointers on this.

Turn off anonymous access and ensure Windows integrated access is on.

 

[Parag Gaikwad]

Anthony, Thanks for the response.
Yes the custom login page is in another website which has anonymous access.

The requirement is - The user should use the custom login page to enter
credentials to access this website which requires Windows Logon.

I hope this gives clear picture of what I want to acheive.
Thanks and Regards,
Parag

 

[Anthony Jones]

Anthony, Thanks for the response.
Yes the custom login page is in another website which has anonymous access.

The requirement is - The user should use the custom login page to enter
credentials to access this website which requires Windows Logon.

I hope this gives clear picture of what I want to acheive.

Barely.

Are the two servers on the same domain or in domains that can trust each
other?

Are you trying to pass through requests from the client to the other server
(the one requiring windows logon)? OR will the client be redirected
somehow to this server?

Do you intended to enforce HTTPS on the custom login page?

 

[Parag Gaikwad]

Thanks, Anthony.
Ok the requirement is something like this -
All our websites are Intranet sites and within one domain.
Now there is a website which allows anonymous acess to users.
This website will have a custom login page which will take the NT
credentials from the user (like domain, user name , password).
It will then redirect the user to the sites, user wish to visit.
Now all this sites have a windows logon authentication enabled (default IIS
authentication).
Now we should be able to pass these credentials to these sites so that user
should not get the IIS authentication pop up box.

Hope this gives more clearer picture.
Thanks once again.
Best Regards,
Parag

 

[Anthony Jones]

Thanks, Anthony.
Ok the requirement is something like this -
All our websites are Intranet sites and within one domain.
Now there is a website which allows anonymous acess to users.
This website will have a custom login page which will take the NT
credentials from the user (like domain, user name , password).
It will then redirect the user to the sites, user wish to visit.
Now all this sites have a windows logon authentication enabled (default IIS
authentication).
Now we should be able to pass these credentials to these sites so that user
should not get the IIS authentication pop up box.

If all of these sites are in the intranet zone and the intranet zone
security settings are set to their default then IE will attempt to use the
current users logon credentials to connect. Hence logon boxes should not be
seen. This assumes the client machines are in the same domain as well.

When a user tries to connect to one of these servers does IE show them to be
in the intranet zone?

Are you using a FQDN (e.g., server1.mydomain.com) or simply the server
name (e.g. server1) in the URLs to these servers?

 

[Parag Gaikwad]

The client machines are not in the same domain. Infact these are trusted
third parties outside our network which have our domain logon credentials
created for them. They access these websites through a secure pipe available
to them, that is the reason we have to provide a custom login page for them.
They access the servers using the server name (eg .
http://servername/websitename)