开发者

How to pass user authentication when visiting another url?

问答 作者:

Suppose I have a web app MyApp. When I access this web app, I have input user authentication info( user name and password), then from this site, want to visit another site say YourSite which will ask authentication too. Same authenticatio开发者_StackOverflown should be fine for both site.

So I want to pass user authentication data on MyApp to YourSite in code. Then I write a http handler like:

public void ProcessRequest(HttpContext context)
{
   string url = "http://YourSite/page/...";            
   HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(url);
   CredentialCache myCache = new CredentialCache();                        
   NetworkCredential netCredential = new NetworkCredential("myname", "mypassword", "");

   myCache.Add(new Uri(url), "Basic", netCredential);
   myCache.Add(new Uri(url), "Digest", netCredential);
   myCache.Add(new Uri(url), "Negotiate", netCredential);
   myReq.Credentials = myCache;
            //.....
}

But I don't want to set user name and password in code, I want to pass current user authentication data to YourSite.

How to implement this request?

==========Moro info about my situation: MyApp is Asp.NET wep app runing on IIS(windows authentication). YourSite is a Java app runing on Tomcat on another box. Both apps are configured to use Windows Active Directory user account on same windows domain server.

============More info: I change above code as(try to use current credential):

 public void ProcessRequest(HttpContext context)
    {
       string url = "http://YourSite/page/...";            
       HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(url);
       myReq.Credentials = CredentialCache.DefaultCredentials;

       //.....
    }

but can't passed the authentication.

Could you use a 1 pixel by 1 pixel iframe of the MyApp website on the YourSite page, then pass information via javascript/ajax? I suppose I would go with Darin's comment and suggest OpenID, but this may be an option. I haven't tried it, so let me know if it works :)

If your applications are running on the same top level domain (myapp.abc.com and yourapp.abc.com), it would be easy by using Forms Authentication and Membership Provider by just setting in your applications web.config:

Asp.net forms authentication and multiple domains

Scott Gu's Blog

If the domains are different, you could use SSO (sing sign on) solutions like: http://singlesignon.codeplex.com/

继续阅读:asp.netauthenticationhttphandler

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9