How to access an internal asp.net web application from the internet?
I have an asp.net web application in an internal windows domain which calls a wcf-service. In the wcf-开发者_运维百科service I use the SecurityContext.Identity.Name, so it needs impersonation. Our task is that the web application can be accessed from anywhere. The first step was that the administrators published the web application throught ISA server 2006. The main problem with this solutions is that the browser doesn't save the user's loginname and password in the ISA authentication form. In addition the users want to access the webapp from Nokia Mobile with Opera Mini.
What can I do in a simple way that the browser saves the loginname/password in order to the user can use the application without reentering the login data in every 30/60 minutes????? Any best practise?
The standard is to store the username/password in a cookie and have the login page pull the login info from the cookie to auto-login. You can have this cookie expire in a month if you want to.
Here are some examples using different languages to add a "remember me" type functionality to save username and password in a cookie.
Cookies
php example
asp.net example
asp example
Response to creator's comments:
In order to modify the ISA login page, look at this article. You should be able to add the code top handle cookies by editing the login page file located in the directory C:\Program Files\Microsoft ISA Server\CookieAuthTemplates\ISA\HTML (assuming you installed ISA to that location).
I do not think there is an out of the box configuration that allows you to set this up, but I did see some configuration for setting trust level (#18 from the article) that you might want to play with.
精彩评论