Redirect to an authenticated site .....

[giodo]

Hi ALL

When we try to get an access to a secure content in a IIS with "Basic
Authentication" IE shows a dialog box to set user ID and pass. After
correct authentication IE (all browsers) adds a special HTTPHeader
for each request:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

where QWxhZGRpbjpvcGVuIHNlc2FtZQ== is Base64("userIDass")

I'm wondering how to add this HTTPHeader using ASP (on the server
site)
or by any scripting language (like JScript VBScript on the client site
in a browser) by myself, without asking a user about ID and pass.

My scenario:

page01.aspx - anonymouse access
page02.aspx - Basic Authentication

User is calling page01.aspx and then is automatically redirecting to
page02.aspx without writing any password.

On the page01 user writes UserID and Password in the form, then my
script
verifies them and redirecting or not to the page02.
I wont to avoid this popup dialog box which IE displays.

Application will run on: ASP.NET 2.0, IIS 5
Client browsers >= IE 6.0

I'll really appreciate any help.

gioodo

Mark T

 

[bruce barker]

set the web site to support anonymous and basic. then on page02.aspx if
the header is not sent (check current.user, server variables, header,
etc) send a 401 response. the browser will try again with authication
(which iis will validate)

-- bruce (sqlwork.com)